|
Mageia 4 Configuration Guide |
vi /var/lib/mageia/kde4-profiles/Default/share/config/kdm/kdmrc change AllowRootLogin=true systemctl restart dmThen switch back to GUI, Ctrl+Alt+F1, login as root.
Open Mageia Control Center -> Software Management -> Configure media sources for install and update Remove CD-ROM Core Release & CD-ROM Nonfree Release File -> Add a specific media mirror Choose a mirror under US, then close the window Open Mageia Control Centre -> Software Management -> Update your system Or run urpmi --auto-update from Terminal
# Entry for /dev/sda2 : UUID=c80e35c4-6b89-401b-8424-b60770d92b64 / ext4 acl,relatime 1 1 none /proc proc defaults 0 0 # Entry for /dev/sda1 : UUID=729b0784-e8f3-441e-b9cf-25d795291e9f swap swap defaults 0 0 # Network mount filesvr.phas.ubc.ca:/home /home nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,hard,intr,noatime 0 0 filesvr.phas.ubc.ca:/home2 /home2 nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,hard,intr,noatime 0 0 filesvr.phas.ubc.ca:/ahome /ahome nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,hard,intr,noatime 0 0 # phys210 mount 142.103.234.164:/home/phys210 /phys210 nfs noauto,x-systemd.automount,x-systemd.device-timeout=10,timeo=14,hard,intr,noatime 0 0
mv /home /lhome vi /etc/passwd, change phasadmin home directory from /home to /lhome mkdir /home mkdir /home2 mkdir /ahome mkdir /phys210
urpmi openssh-server Open Mageia Control Centre -> Security -> Set up your personal firewall Enable SSH server & Echo request (ping) vi /etc/ssh/sshd_config PermitRootLogin yes service sshd restart
# Create file /etc/sudoers.d/01wheel to enable members of wheel group to access root via sudo # (copy & paste, run as root) $ echo "%wheel ALL=(ALL) ALL" > /etc/sudoers.d/01wheel $ chmod 440 /etc/sudoers.d/01wheel $ vi /etc/group wheel:x:10:phasadmin
urpmi cups
vi /etc/cups/client.conf, add the following line:
ServerName print.phas.ubc.ca
service cups restart# allow ssh from all our servers except hyper sshd: 142.103.236. EXCEPT 142.103.236.100 # spyder (Ron's workstn) sshd: 142.103.235.1 sshd: 142.103.235.80 # glitch (Hongyun's workstn) sshd: 142.103.237.135 # wraith (Gerry's workstn) sshd: 142.103.239.1 # karhusen (Gerry's workstn) sshd: 142.103.239.193 # allow any access from alpha and kratos ALL: 142.103.236.32 ALL: 142.103.236.15 # bh0 (Matt Choptuik's workstn) sshd: 142.103.234.164 ALL: localhost ALL: ALL: DENY
urpmi thunderbird urpmi bluefish urpmi spyder urpmi rsyslog
run install-seamonkey-64 run install-xforms-no-check urpmi --auto --force `cat rpms.txt` $ cat /usr/share/applications/seamonkey.desktop [Desktop Entry] Version=2.26 Name=SeaMonkey Exec=/usr/local/bin/seamonkey Icon=/usr/local/seamonkey/chrome/icons/default/seamonkey.png Terminal=false Type=Application Categories=Application;Development; -------------------------------------------------------------------------------- 1) Remove/disable unneeded packages/daemons ... -------------------------------------------------------------------------------- for s in postgresql bluetooth mysqld hsqldb smbd nagios autofs; do systemctl stop $s systemctl disable $s systemctl status $s done Nepomuk can use a lot of resources ... perhaps leave for now, but may want to remove it and dependent packages in the future urpme --force nepomuk-core-4.11.4-1.mga4 -------------------------------------------------------------------------------- 2) Programs/libraries built from source ... -------------------------------------------------------------------------------- cp ~choptuik/bin/* /usr/local/bin cp ~choptuik/lib/* /usr/local/lib cp ~choptuik/include/* /usr/local/include -------------------------------------------------------------------------------- 3) Maple ... -------------------------------------------------------------------------------- Add /opt/maple18/bin to default path (or make links from /usr/local/bin?) ln -s /opt/maple18/bin/{maple,xmaple} /usr/local/bin -------------------------------------------------------------------------------- 4) Settings/configuration file for NVidia driver ... -------------------------------------------------------------------------------- Make ~/.nvidia-settings-rc a default start up file, copy from ~choptuik/.nvidia-settings-rc This improves the performance of the graphics card from the default config. -------------------------------------------------------------------------------- 5) Disable lock and switch user ... -------------------------------------------------------------------------------- vi /var/lib/mageia/kde4-profiles/common/share/config/kdeglobals Add [KDE Action Restrictions] action/lock_screen[$i]=false switch_user[$i]=false
Open System Settings -> Login Screen -> Users tab
Uncheck Show listmount //batta/software to /mnt: mount.cifs //batta/software /mnt -o user=bigcheese Maple 18 MATLAB R2014a
Go to /usr/share/applications folder, create the following files: matlab.desktop[Desktop Entry] Version=1.0 Encoding=UTF-8 Name=MATLAB R2014a Type=Application Comment=MATLAB R2014a Exec=/opt/MATLAB/R2014a/bin/matlab -desktop Terminal=false Icon=/opt/MATLAB/R2014a/toolbox/nnet/nnresource/icons/matlab.png GenericName=Matlab Categories=Applications;Education;Mathematics; MimeType=application/;
# get our IP address
ip=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`
# get our fqdn from the dhcp/dns server (dnsmasq)
fqdn=`dig -x $ip +short`
# strip off the dn
myname=${fqdn%%.*}
# voila
echo "Found my hostname is" $myname
# find current value in /etc/hostname
OLDNAME=`cat /etc/hostname`
# update /etc/hostname file
TMPFILE=/tmp/hostname
echo "Updating /etc/hostname"
sed "s/$OLDNAME/$myname/g" /etc/hostname > $TMPFILE && mv $TMPFILE /etc/hostname
/bin/rm -f $TMPFFILE
# update hostname
hostname -F /etc/hostname
# update /etc/hosts file
TMPFILE=/tmp/hostname
echo "Updating /etc/hosts"
sed "s/$OLDNAME/$myname/g" /etc/hosts > $TMPFILE && mv $TMPFILE /etc/hosts
/bin/rm -f $TMPFFILE
# strip off the dn
myname=${fqdn%.*}
myname="HOSTNAME=$myname"
# find the line number with HOSTNAMErestart openldap client
n=`awk '$0 ~ str{print NR}{b=$0}' str="HOSTNAME" /etc/sysconfig/network`
#echo $n
# update /etc/sysconfig/network file
echo "Updating /etc/sysconfig/network"
sed -i $n"s/.*/$myname/" /etc/sysconfig/network
urpmi ds9 urpmi saoimage
Open Mageia Control Center -> System -> Authentication
Select LDAP, it will install the packages needed for LDAP
LDAP Server ipa.phas.ubc.ca
Base dn cn=users,cn=accounts,dc=phas,dc=ubc,dc=ca
check Use encrypt connection with TLS
CA Certificate: /etc/openldap/cacert.asc
The following packages need to be installed:
nss-pam-ldapd, autofs, nss_updatedb, pam_ccreds
vi /etc/nslcd.conf uid nslcd gid nslcd uri ldap://ipa.phas.ubc.ca base dc=phas,dc=ubc,dc=ca scope sub bind_timelimit 10 ssl start_tls tls_reqcert allow tls_cacertfile /etc/openldap/cacert.asc base passwd cn=users,cn=accounts,dc=phas,dc=ubc,dc=ca base group cn=groups,cn=accounts,dc=phas,dc=ubc,dc=ca
$ cat restartldap #! /bin/sh # chkconfig:2345 95 20 # description:restart nslcd.service after system boot # processname: restartldap `systemctl restart nslcd.service` /etc/init.d/sethostname $ chmod a+x restartldap $ chmod a+x sethostname $ chkconfig --add restartldap $ chkconfig --level 2345 restartldap on
# blacklisted modules for PCI coldplug vi /etc/modprobe.d/blacklist-mga.conf # disable usb storage blacklist usb-storage # Listing a module here prevents the hotplug scripts from loading it vi /etc/modprobe.d/blacklist-compat.conf # USB Storage blacklist usb_storage
Modify /usr/share/polkit-1/actions/org.freedesktop.login1.policy Under Suspend the system section, change allow_active to No Under Suspend the system while other users are logged in section, change allow_active to No Under Hibernate the system section, change allow_active to No Under Hibernate the system while other users are logged in section, change allow_active to No
| webmaster@phas.ubc.ca | [Dept. Home Page] | Last updated: |