Ubuntu

From NA-Wiki

Revision as of 11:57, 5 September 2007 by Stockli (Talk | contribs)
Jump to: navigation, search

Contents

Ubuntu @ NA

The installation process is divided into two stages. The first stage contains nessicary steps which you need to do to have your system compliant to the KTH policy.

Username and hostname

Don't use your username @ NADA.KTH.SE as your username during the installation. Instead use "ubuntu-user" as your local username.

When asked for hostname use the fully qualified hostname of the computer, i.e., something like naXY.nada.kth.se according to the label on your machine.

Partitioning the system

This is what it should look like.

Partition the system like this:

  100 MB /boot
 2000 MB swap
 8000 MB /var/cache
20000 MB /
20000 MB /home
20000 MB /NOBACKUP

whereby boot and swap are primary partitions and the rest are logical partitions.

Reboot into the system

Now shutdown from the Live installation CD and eject the CD. After that reboot into the new fresh installed Ubuntu 7.04 system.

You will get a update manager request to update. This is very important: Always update your computer each day when new updates are available

Setup root access

Enable local root account by open a terminal and typing

sudo su -
passwd

sudo su - will change user into root (the system administrator account). Then you enable the root account by setting a password. Don't pick a too simple password

Now reboot your computer for all effects to take effect. This is very important and later steps depend on it.


X.org

First off, install the proprietary NVIDIA drivers. Enable then from the System/Administration/Restricted Drivers Manager menu item.

Note: If you have a widescreen monitor (NA2007 PC), then follow the instructions below, otherwise the default xorg.conf just works.

When enabled you will be instructed to reboot. Do that after you have installed the new xorg.conf file according to the instructions below.

We need to change the /etc/X11/xorg.conf file according to

https://bugs.launchpad.net/ubuntu/+source/xresprobe/+bug/63551

Get the proper xorg.conf here

Install it with:

sudo wget -O /etc/X11/xorg.conf http://na37.nada.kth.se/restricted/ubuntu/xorg.conf



Installing OpenAFS

It is very important that your kernel is upgraded before you do this. Ubuntu kernel 2.6.20-15 is broken and cannot work together with OpenAFS

Open up a terminal and do the following:

sudo apt-get install build-essential module-assistant openafs-modules-source
sudo m-a build openafs
sudo m-a install openafs

Install the OpenAFS configuration files:

sudo wget http://na37.nada.kth.se/restricted/ubuntu/openafs_conf.tar -O /tmp/openafs_conf.tar
sudo tar xfPv /tmp/openafs_conf.tar


Now install the OpenAFS client (press ENTER on questions):

sudo apt-get install openafs-client

Verify that your /etc/openafs/afs.conf.client looks like this:

AFS_CLIENT=true
AFS_AFSDB=true
AFS_CRYPT=false
AFS_DYNROOT=false
AFS_FAKESTAT=true

Now you only have to restart the client:

sudo /etc/init.d/openafs-client restart

Attach:openafs_conf.tar

Technical Note:

Systemgruppen uses: -afsdb -dynroot -fakestat -stat 4000 -dcache 4000 -daemons 6 -volumes 256 -files 50000

From Ubuntu configuration (old documentation):

#           cache < 128MB       $SMALL
#   128MB < cache < 512MB       $MEDIUM
#   512MB < cache < 1GB         $LARGE
#     1GB < cache < 2GB         $XLARGE
#     2GB < cache               $XXLARGE
#
# You can override that default behavior by setting OPTIONS below.
XXLARGE="-chunksize 20 -files 80000 -dcache 10000 -stat 15000 -daemons 6 -volumes 500"
XLARGE="-chunksize 20 -files 50000 -dcache 10000 -stat 15000 -daemons 5 -volumes 250"
LARGE="-chunksize 18 -files 25000 -dcache 10000 -stat 15000 -daemons 5 -volumes 200"
MEDIUM="-chunksize 18 -files 10000 -dcache 5000 -stat 7500 -daemons 3 -volumes 200"
SMALL="-chunksize 18 -files 2500 -dcache 2000 -stat 3000 -daemons 2 -volumes 200"

Kerberos

Open up a terminal and do the following:

sudo apt-get install heimdal-clients{,-x}
sudo wget http://na37.nada.kth.se/restricted/ubuntu/krb5.conf -O /etc/krb5.conf

Important Kerberos commands

kauth - Kerberos authentication. ktelnet - Kerberos Telnet. The telnet binary is not wrapped as in Redhat. kftp - Kerberos FTP client. rxtelnet - Ktelnet with X11 tunneling.

See the man page of each command for further details.

Installing Kerberos behind NAT in your home

Add this section to the krb5.conf file attached to this page.

[appdefaults]
        no-addresses = true
        proxibable = true

You might also want to add renewable = true and forwardable = true.

You must also add your domain to the [domain_realm] section

[domain_realm]
        ubuntu-user-desktop = NADA.KTH.SE
        ...

Attach:krb5.conf

PAM (Pluggable Authentication Modules)

http://www.kernel.org/pub/linux/libs/pam/


Install passwd and group files

Download the file purify.sh and run it:

wget http://na37.nada.kth.se/restricted/ubuntu/purify.sh -O /tmp/purify.sh
chmod +x /tmp/purify.sh
sudo /tmp/purify.sh

Now the users and groups from the NADA.KTH.SE domain is merged into the local files.

purify.sh

This should be replaced by LDAP but even Systemgruppen are using this "hack" today. A change is coming soon according to ragge.

You need to change in /etc/group and replace ubuntu-user with your login name.

After you have done that, please remove the ubuntu-user by typing,

sudo deluser ubuntu-user

Setup PAM login


sudo apt-get install libpam-openafs-session

Change login scripts

Download gdm and install it into /etc/pam.d/gdm

su
mv /etc/pam.d/gdm /etc/pam.d/gdm.orig
wget http://na37.nada.kth.se/restricted/ubuntu/gdm -O /etc/pam.d/gdm

and apply the same thing to sudo and gnome-screensaver. We need to be careful now

su
cd /etc/pam.d
mv sudo sudo.orig
cp gdm sudo
mv gnome-screensaver gnome-screensaver.orig
cp gdm gnome-screensaver

Finish up

Now restart your computer and try and login as your NADA.KTH.SE user!


Notes:

There might be some other systems which also needs to be enabled under /etc/pam.d


Printers

Put this file in
/etc/cups/

and then restart the server:

sudo /etc/init.d/cupsys restart

Mail

Install mail is simple! Just type

sudo apt-get install postfix mailx

choose satellite system and just press enter when asked other questions, but don't select any relay host (remove smtp.nada.kth.se)

Change /etc/mailname to say: nada.kth.se

Change /etc/aliases such that,

# Added by installer for initial user
root:   na-hacks@csc.kth.se, YOUR-USER-NAME@csc.kth.se

Important: Replace YORU-USER-NAME@csc.kth.se with your own e-mail address!

Finally, do as root

newalises
/etc/init.d/postfix restart

Automatic upgrades

First install the following

sudo apt-get install cron-apt
sudo wget -O /etc/cron-apt/config http://na37.nada.kth.se/restricted/ubuntu/cron-apt/config
sudo wget -O /etc/apt/security.sources.list http://na37.nada.kth.se/restricted/ubuntu/cron-apt/security.sources.list

When you are on vacation

Remove the -d flag from /etc/cron-apt/action.d/3-download and put an automatic reboot in /etc/cron.d/cron-apt like:

 0 4    * * *   root    test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt && /sbin/reboot

When you are back from the vacation remove the reboot statement from above and the -d switch from the action.d directory.

Modules

                                                                                                                                                                                                                                                                  
su
mkdir -p /pkg/modules
ln -s /afs/nada.kth.se/pkg/modules/* /pkg/modules

Create a file /etc/csh.modules containing the following:

# /etc/csh.modules ------------------------------------------------------

source /pkg/modules/default/init/tcsh

if ( $SHLVL == 1 ) then
    setenv MANPATH `manpath -g`
    if ( -r $HOME/.modules ) then                                               
        source $HOME/.modules
    endif
endif

The "hack" for manpath is due to this "feature" in the man command. Finally add to the top of /etc/csh.cshrc a line

source /etc/csh.modules

Note: Based on the function of /etc/profile.d/nada-always.csh

Non essential changes (for now)

Installing Matlab

sudo mkdir -p /pkg/matlab
sudo rsync -avPz /afs/nada.kth.se/pkg/matlab/r2007a /pkg/matlab
sudo ln -s /pkg/matlab/r2007a/bin/matlab /usr/local/bin

Then add /usr/local/bin to your local search path. For instance by adding

setenv PATH /usr/local/bin:${PATH}

in your .login file.

Installing Mathematica

sudo mkdir -p /pkg/mathematica/5.2
sudo rsync -avPz /afs/nada.kth.se/pkg/mathematica/5.2/os/ /pkg/mathematica/5.2/
sudo rm -rf /pkg/mathematica/5.2/bin
sudo ln -s /pkg/mathematica/5.2/Executables/* /usr/local/bin

And as usual you must add /usr/local/bin to your PATH. See the installation instructions for Matlab.


Open SSH

First install the
openssh-server
package. Then get the instructions howto verify the finger print and install the key in
/root/.ssh/authorized_keys
such that
root
can login from any other Ubuntu machine.

You are not allowed to directly install to /root/.ssh/authorized_keys without first verifying the finger print!

If you fail to do so you might be causing a security breach

The fingerprint and instructions is on a paper in room 4520 to the left of the white-board.

Furthermore, ssh needs to be changed in /etc/pam.d by

cd /etc/pam.d
sudo mv ssh ssh.orig
sudo cp gdm ssh

Emacs

After the installation, install emacs

sudo apt-get install emacs emacs-goodies-el

emacs-goodies-el contains Matlab support and much more.

Swedish dictionary for ispell

sudo apt-get install aspell-sv

Don't forget to turn on syntax highlighting and parenthesis matching modes!

LaTeX

We want texlive (not the old tetex packages)

sudo apt-get install texlive

Some packages (such as psfig and algorithm) are not in that distribution. To get them install texlive-generic-extra.


Useful links

Display Microsoft fonts like on Windows

Personal tools