|
Scientific Linux Configuration Guide |
# grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You do not have a /boot partition. This means that # all kernel and initrd paths are relative to /, eg. # root (hd0,0) # kernel /boot/vmlinuz-version ro root=/dev/sda1 # initrd /boot/initrd-[generic-]version.img #boot=/dev/sda default=0 timeout=5 splashimage=(hd0,0)/boot/grub/splash.xpm.gz hiddenmenu title Scientific Linux (2.6.32-431.5.1.el6.x86_64) root (hd0,0) kernel /boot/vmlinuz-2.6.32-431.5.1.el6.x86_64 ro root=/dev/sda1 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=128M KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet title Scientific Linux (2.6.32-431.el6.x86_64) root (hd0,0) kernel /boot/vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/sda1 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=128M KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet initrd /boot/initramfs-2.6.32-431.el6.x86_64.img
# /etc/fstab # Created by anaconda on Fri Feb 21 04:31:04 2014 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/sda1 / ext3 defaults 1 1 /dev/sda2 swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 # filesvr.phas.ubc.ca:/home /home nfs rw,rsize=32768,wsize=32768,hard,intr,bg 0 0 filesvr.phas.ubc.ca:/home2 /home2 nfs rw,rsize=32768,wsize=32768,hard,intr,bg 0 0 filesvr.phas.ubc.ca:/ahome /ahome nfs rw,rsize=32768,wsize=32768,hard,intr,bg 0 0 # phys210 mount 142.103.234.164:/home/phys210 /phys210 nfs rw,rsize=32768,wsize=32768,hard,intr,bg 0 0
mkdir /home2 mkdir /ahome mkdir /phys210
ServerName print.phas.ubc.ca
# allow ssh from all our servers except hyper sshd: 142.103.236. EXCEPT 142.103.236.100 # spyder (Ron's workstn) sshd: 142.103.235.1 # ada (Mary Ann's workstn) sshd: 142.103.237.132 # glitch (Hongyun's workstn) sshd: 142.103.237.135 # wraith (Gerry's workstn) sshd: 142.103.239.1 # karhusen (Gerry's workstn) sshd: 142.103.239.193 # allow any access from alpha and kratos ALL: 142.103.236.32 ALL: 142.103.236.15 # bh0 (Matt Choptuik's workstn) sshd: 142.103.234.164 ALL: localhost ALL: ALL: DENY
chmod 700 /media
sudo chmod 700 /usr/bin/gnome-screensaver
yum install thunderbird #Add EPEL repository: wget http://mirror-fpt-telecom.fpt.net/fedora/epel/6/i386/epel-release-6-8.noarch.rpm rpm -ivh epel-release-6-8.noarch.rpm yum install seamonkey yum install bluefish
yum install freeglut freeglut-devel yum install binutils binutils-devel yum install cmake yum install libXi libXi-devel yum install libjpeg libjpeg-devel yum install libXpm-devel install xforms-1.0.94prell
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type Boolean --set /apps/gdm/simple-greeter/disable_user_list True
Maple 16 MATLAB R2013b Spyder: (Reference: http://code.google.com/p/spyderlib/wiki/Installation) wget https://bitbucket.org/spyder-ide/spyderlib/downloads/spyder-2.3.0.zip unzip spyder-2.3.0.zip yum install PyQt4 yum install PyQt4-webkit yum install sphinx yum install pyflakes yum install ipython yum install pylint yum install numpy yum install scipy mv spyder-2.3.0 /opt/spyder cd /opt/spyder python bootstrap.py (run the program)
Go to /usr/share/applications folder, create the following files: matlab.desktop[Desktop Entry] Version=1.0 Encoding=UTF-8 Name=MATLAB R2014a Type=Application Comment=MATLAB R2014a Exec=/opt/MATLAB/R2014a/bin/matlab -desktop Terminal=false Icon=/opt/MATLAB/R2014a/toolbox/nnet/nnresource/icons/matlab.png GenericName=Maple Categories=Applications;Education;Mathematics; MimeType=application/;spyder.desktop[Desktop Entry] Type=Application Name=Spyder Comment=Spyder Icon=/opt/spyder-2.3.0/img_src/spyder.png Exec=/opt/spyder-2.3.0/bootstrap.py Terminal=false Categories=Development;IDE;
# get our IP address
ip=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'`
# get our fqdn from the dhcp/dns server (dnsmasq)
fqdn=`dig -x $ip +short`
# strip off the dn
myname=${fqdn%.*}
# voila
echo "Found my hostname is" $myname
hostname $myname
myname="HOSTNAME=$myname"
# find the line number with HOSTNAME
n=`awk '$0 ~ str{print NR}{b=$0}' str="HOSTNAME" /etc/sysconfig/network`
#echo $n
# update /etc/sysconfig/network file
echo "Updating /etc/sysconfig/network"
sed -i $n"s/.*/$myname/" /etc/sysconfig/network
Add sethostname to start up
chkconfig --add sethostname chkconfig sethostname on
yum install ds9 yum install saoimage yum install wcstools yum install python-asciitable
[root@phobos ~]# ipa-client-install Traceback (most recent call last): File "/usr/sbin/ipa-client-install", line 2335, insys.exit(main()) File "/usr/sbin/ipa-client-install", line 2321, in main rval = install(options, env, fstore, statestore) File "/usr/sbin/ipa-client-install", line 1686, in install ret = ds.search(domain=options.domain, server=options.server, hostname=hostname, ca_cert_path=get_cert_path(options.ca_cert_file)) File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 230, in search ldapret = self.ipacheckldap(self.server, self.realm, ca_cert_path=ca_cert_path) File "/usr/lib/python2.6/site-packages/ipaclient/ipadiscovery.py", line 298, in ipacheckldap basedn = get_ipa_basedn(lh) File "/usr/lib/python2.6/site-packages/ipapython/ipautil.py", line 817, in get_ipa_basedn contexts = entries[0][1]['namingcontexts'] KeyError: 'namingcontexts'
I was able to make the ipa-client-install work by specifying the domain and server:
[root@phobos ~]# ipa-client-install --domain=phas.ubc.ca --server=ipa.phas.ubc.ca
Autodiscovery of servers for failover cannot work with this configuration.
If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure.
Proceed with fixed values and no DNS discovery? [no]: yes
Hostname: phobos.phas.ubc.ca
Realm: PHAS.UBC.CA
DNS Domain: phas.ubc.ca
IPA Server: ipa02.phas.ubc.ca
BaseDN: dc=phas,dc=ubc,dc=ca
Continue to configure the system with these values? [no]: yes
User authorized to enroll computers: admin
Synchronizing time with KDC...
Unable to sync time with IPA NTP server, assuming the time is in sync. Please check that 123 UDP port is opened.
Password for admin@PHAS.UBC.CA:
Successfully retrieved CA cert
Subject: CN=Certificate Authority,O=PHAS.UBC.CA
Issuer: CN=Certificate Authority,O=PHAS.UBC.CA
Valid From: Thu May 23 21:15:34 2013 UTC
Valid Until: Mon May 23 21:15:34 2033 UTC
Enrolled in IPA realm PHAS.UBC.CA
Created /etc/ipa/default.conf
New SSSD config will be created
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm PHAS.UBC.CA
trying https://ipa02.phas.ubc.ca/ipa/xml
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
Forwarding 'host_mod' to server u'https://ipa02.phas.ubc.ca/ipa/xml'
Could not update DNS SSHFP records.
SSSD enabled
Configured /etc/openldap/ldap.conf
NTP enabled
Configured /etc/ssh/ssh_config
Configured /etc/ssh/sshd_config
Client configuration complete.
[root@phobos ~]# getent passwd rapugrad
rapugrad:*:15240:400:Rons Undergrad Test Acct:/home2/rapugrad:/bin/bash
Not sure yet why the DNS SSHFP records were not updated but for now this is not an issue.
--------------------------------------------------------------------------
[root@phobos ~]# cat /etc/ipa/default.conf
#File modified by ipa-client-install
[global]
basedn = dc=phas,dc=ubc,dc=ca
realm = PHAS.UBC.CA
domain = phas.ubc.ca
server = ipa02.phas.ubc.ca
xmlrpc_uri = https://ipa02.phas.ubc.ca/ipa/xml
enable_ra = True
[root@phobos ~]# cat /etc/ipa/default.conf
#File modified by ipa-client-install
[global]
basedn = dc=phas,dc=ubc,dc=ca
realm = PHAS.UBC.CA
domain = phas.ubc.ca
server = ipa02.phas.ubc.ca
xmlrpc_uri = https://ipa02.phas.ubc.ca/ipa/xml
enable_ra = True
--------------------------------------------------------------------------
[root@phobos ~]# cat /etc/sssd/sssd.conf
[domain/phas.ubc.ca]
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = phas.ubc.ca
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = phobos.phas.ubc.ca
chpass_provider = ipa
ipa_server = _srv_, ipa02.phas.ubc.ca
ldap_tls_cacert = /etc/ipa/ca.crt
[sssd]
services = nss, pam, ssh
config_file_version = 2
domains = phas.ubc.ca
[nss]
[pam]
[sudo]
[autofs]
[ssh]
[pac]
--------------------------------------------------------------------------
[root@phobos ~]# cat /etc/krb5.conf
#File modified by ipa-client-install
includedir /var/lib/sss/pubconf/krb5.include.d/
[libdefaults]
default_realm = PHAS.UBC.CA
dns_lookup_realm = false
dns_lookup_kdc = false
rdns = false
ticket_lifetime = 24h
forwardable = yes
[realms]
PHAS.UBC.CA = {
kdc = ipa02.phas.ubc.ca:88
master_kdc = ipa02.phas.ubc.ca:88
admin_server = ipa02.phas.ubc.ca:749
default_domain = phas.ubc.ca
pkinit_anchors = FILE:/etc/ipa/ca.crt
}
[domain_realm]
.phas.ubc.ca = PHAS.UBC.CA
phas.ubc.ca = PHAS.UBC.CA
--------------------------------------------------------------------------
[root@phobos ~]# cat /etc/openldap/ldap.conf
#File modified by ipa-client-install
URI ldaps://ipa02.phas.ubc.ca
BASE dc=phas,dc=ubc,dc=ca
TLS_CACERT /etc/ipa/ca.crt
| webmaster@phas.ubc.ca | [Dept. Home Page] | Last updated: |