-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathinstall.ubuntu.old
374 lines (259 loc) · 10.1 KB
/
install.ubuntu.old
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
XX.) Set up IPSec:
apt-get install ipsec-tools
- set up an /etc/ipsec-tools.conf which should contain sections like:
---------------------------
###### connections of 192.168.1.1 to 192.168.1.2 ######
# AH SAs using 128 bit long keys
add 192.168.1.1 192.168.1.2 ah 0x010 -A hmac-md5
0x8c4708518e279fa02362564358550777;
add 192.168.1.2 192.168.1.1 ah 0x011 -A hmac-md5
0x2e6893cd15b62788e6b0b70261ec4823;
# ESP SAs using 192 bit long keys (168 + 24 parity)
add 192.168.1.1 192.168.1.2 esp 0x012 -E 3des-cbc
0x6f719567a590b91de95bfa460f1576393ae0e6d6b5522c4c;
add 192.168.1.2 192.168.1.1 esp 0x013 -E 3des-cbc
0x814c676ea62123fc1c818ff4270eaf254489fccf540ab24f;
# Security policies
spdadd 192.168.1.1 192.168.1.2 any -P in ipsec
esp/transport//require
ah/transport//require;
spdadd 192.168.1.2 192.168.1.1 any -P out ipsec
esp/transport//require
ah/transport//require;
---------------------------
- do this for each to/from pair. This needs to be set up on each side
- of the connection, and you want to flip the in/out section of the
- policy on one side.
- to generate the AH key, do:
dd if=/dev/random count=16 bs=1| xxd -ps
- and take the output and use it for the key. Remember to stick the 0x
- in front of it
- to generate the ESP key, do:
dd if=/dev/random count=24 bs=1| xxd -ps
- and take the output and use it for the key. Remember to stick the 0x
- in front of it
- Change the permissions on the file to make it not world readable:
chmod 700 ipsec-tools.conf
- Fix stop order
sudo update-rc.d -f setkey remove
sudo update-rc.d setkey start 37 0 6 S .
XX.) Optional, set up ATI binary drivers:
IMPORTANT NOTE - this BREAKS software suspend in hoary!!!!
ADDENDUM - and breezy!
ADDENDUM - since there is opengl support in dapper, I didn't even try....
apt-get install xorg-driver-fglrx fglrx-control
- Add fglrx to /etc/modules
- load it:
depmod -a
modprobe fglrx
- edit /etc/X11/XF86Config-4 and change "ati" or "radeon" to "fglrx"
- restart X and it should work
XX.) Set up ieee1394 support for machines w/ firewire support
- MC - DAPPER note - not sure if this is necessary, putting off
- Info:
http://www.ubuntulinux.org/wiki/HowToCaptureDigitalVideo
- Add the following to /etc/init.d/bootmisc.sh, right at the end before
- the exit:
mknod /dev/raw1394 c 171 0
chown root:video /dev/raw1394
chmod 660 /dev/raw1394
- People have to be in the video group to do video things...
XX.) xplanet
xplanet -transparency -origin "moon" -projection "orthographic"
More info (clouds, etc) here:
http://www.number.ch/wiki/index.php/XplanetClouds
This seems to be done automagically....
XX.) Optional, set up lm sensors:
- howto is here:
http://www.ubuntuforums.org/showthread.php?t=2780
- install sensor reading packages:
sudo apt-get install lm-sensors
- run the mkdev.sh script (look in /usr/local/apps/lm_sensors)
- find your sensors; run sensors-detect and answer a lot of YES
- questions to probe for sensors. This will generate a list of what you
- need to do to make it work. Do that.
- Reboot
- Run sensors to test it. Gkrellm can read the sensors
- config lives in /etc/sensors.conf. This can be used to modify the scales
- and such
This seems to be done automagically....
XX.) Add important modules to /etc/modules
vfat
- for machines with 3ware cards
3w-xxxx
XX.) mysql and phpmyadmin
sudo apt-get install mysql-server-5.0 phpmyadmin
XX.) Set up Xen
https://wiki.ubuntu.com/XenOnEdgy
- DOES NOT WORK ON LAPTOPS (no ACPI support)
(a) install stuff
sudo apt-get install xen-hypervisor-3.0-i386 xen-image-xen0-2.6.17-5-generic-xen0 xen-utils-3.0
sudo mkinitramfs -o /boot/xen0-linux-2.6.17-5-generic-xen0.initrd.img 2.6.17-5-generic-xen0
(b) edit /etc/initramfs-tools/hooks/xensupport and put in:
#!/bin/sh -e
. /usr/share/initramfs-tools/hook-functions
force_load xenblk
- then
sudo chmod u+x /etc/initramfs-tools/hooks/xensupport
(c) add the following to /boot/grub/menu.lst, above the automagic section
title XEN/2.6.17-5
root (hd0,1)
kernel /xen-3.0-i386.gz
module /xen0-linux-2.6.17-5-generic-xen0 root=UUID=8a7e0bad-8914-4547-a1ba-b51c8c7ce22f ro quiet splash
module /xen0-linux-2.6.17-5-generic-xen0.initrd.img
(d) edit /etc/xen/xend-config.sxp and comment out:
(network-script network-dummy)
- and add:
(network-script network-bridge)
(f) Reboot
##################### DOMAIN MEMBER SET UP SECTION #########################
XX.) Set up NIS server:
### Add to hosts:
- Make sure the server and all clients are in /etc/hosts. This means things
- will still work if DNS dies or anything else bad happens.
### Get the bits you need. When asked, enter the name of your domain:
apt-get install nis
### Set things up:
- edit /etc/default/nis, and change the following:
NISSERVER=master
- edit /etc/yp.conf and add the line:
domain fnord server yt
- edit /etc/defaultdomain and add the line:
fnord
- (this is not necessary if you set it up when the package was installed)
- edit /var/yp/Makefile set it up. It is well commented.
- NOTES:
- MINGID should be set to 1 in order to propagate the groups (cdrom,
- floppy, games, etc) correctly on all machines.
- All I changed was the MINGID, the rest was fine
- edit /etc/ypserv.securenets and add lines to restrict to domain
- members. I use lines like:
host 192.168.9.1
host 192.168.9.6
- Make sure to comment out the 0.0.0.0 line
- To build the DB for the first time, run:
/usr/lib/yp/ypinit -m
- and follow the instructions (the one server is fine)
- This will throw some errors. It's okay.
- restart portmap and nis
/etc/init.d/portmap restart
/etc/init.d/nis restart
- NOTE: I had some problems with portmap stopping/releasing the IP
- address. Try kill -9ing it. If that doesn't work, try rebooting.
- if you change people's passwords or something, do
make -C /var/yp
- To test do:
ypcat passwd
XX.) Set up NIS client:
### A note about administration:
- Since there is no root user, make sure that whomever you want to be
- able to admin the machine is in /etc/sudoers on the client
- machine. It is also a good idea to have those users as local users on the
- machine, with the SAME UID as is shared over NIS.
### Add to hosts:
- Make sure the server is in /etc/hosts. This means things
- will still work if DNS dies or anything else bad happens.
### Get the bits you need. When asked, enter the name of your domain:
apt-get install nis
### Set things up:
- edit /etc/passwd and add the following line at the end:
+::::::
- edit /etc/group and add the following line at the end:
+:::
- edit /etc/shadow and add the following line at the end:
+::::::::
- edit /etc/yp.conf and add the line:
domain fnord server yt
- edit /etc/defaultdomain and add the line:
fnord
- restart nis:
/etc/init.d/nis restart
- NOTE: sshd will have to be restarted to use the new authentication
- scheme
/etc/init.d/sshd restart
XX.) Set up NFS server:
https://help.ubuntu.com/community/NFSv4Howto
### Get the bits you need:
apt-get install nfs-common nfs-kernel-server
### Create the base share directory and mount points
mkdir /export
mkdir /export/home
mkdir /export/pub
mkdir /export/usr_local
### Edit fstab and add the lines to bind to this directory
/home /export/home none bind 0 0
/pub /export/pub none bind 0 0
/usr/local /export/usr_local none bind 0 0
# mount those
mount -a
### Add to netgroups:
- Edit /etc/netgroup and add a line like:
boxen (yt,,) (case,,)
- Do:
make -C /var/yp
### edit /etc/exports and add shares, like:
/export @boxen(ro,fsid=0,sync)
/export/home @boxen(rw,nohide,sync)
/export/pub @boxen(rw,nohide,sync)
/export/usr_local @boxen(rw,nohide,sync)
- Then do:
exportfs -ra
- Restart it:
/etc/init.d/nfs-kernel-server restart
- because of this bug:
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/87382
Change /etc/init.d/nfs-common to be like this:
log_progress_msg "idmapd"
start-stop-daemon --start --oknodo --quiet \
--pidfile /var/run/rpc.idmapd.pid \
--make-pidfile --exec /usr/sbin/rpc.idmapd
and restart it:
/etc/init.d/nfs-common restart
6.) Set up NFS client:
- in /etc/fstab
# device mountpoint fs-type options dump fsckorder
yt:/home /home nfs4 rw,hard,intr,rsize=32768,wsize=32768 \ 0 0
yt:/pub /pub nfs4 rw,hard,intr,rsize=32768,wsize=32768 \ 0 0
yt:/usr_local /usr/local nfs4 rw,hard,intr,rsize=32768,wsize=32768 \ 0 0
- Make the mount points
- Mount them with:
mount -a
- because of this bug:
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/87382
Change /etc/init.d/nfs-common to be like this:
log_progress_msg "idmapd"
start-stop-daemon --start --oknodo --quiet \
--pidfile /var/run/rpc.idmapd.pid \
--make-pidfile --exec /usr/sbin/rpc.idmapd
and restart it:
/etc/init.d/nfs-common restart
- because of this bug:
https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/45842
- edit /etc/init.d/mountall.sh and comment out the mount lines and make them:
mount -a
sudo update-rc.d -f mountall.sh remove
sudo update-rc.d mountall.sh start 35 2 S .
XX.) Make google eath from package...
- Download google earth from wherever and save it someplace
- Go to that directory
- Do:
make-googleearch-package
- It will make a deb file. Install the deb file with:
dpkg -i <the name of the resulting file>.deb
XX.) (thinkpad laptop only) Scale down the CPU so it stops overheating:
- etc /etc/default/acpi-support
- edit /etc/laptop-mode/laptop-mode.conf and make the following changes:
ENABLE_LAPTOP_MODE_ON_AC=1
CONTROL_CPU_FREQUENCY=1
LM_AC_CPU_MAXFREQ=1000000
NOLM_AC_CPU_MAXFREQ=1000000
NOLM_AC_CPU_GOVERNOR=ondemand
- then do:
sudo /etc/init.d/laptop-mode restart
XX.) Install some games
apt-get install cgoban gnugo penguin-command xfrisk xbill prboom xmess-x xmess-sdl xmame-x xmame-sdl xmame-tools joystick jscalibrator stratagus-gl wesnoth-all boson boson-music craft wormux wormux-data dosbox lincity-ng
XX.) Install doom wads
cd /usr/share/games/doom
sudo rm doom2.wad
sudo ln -s /usr/share/games/freedoom/doom2.wad ./doom2f.wad
sudo ln -s /usr/local/games/games/datafiles/doom/* .