Child pages
  • PCN Self-supported Workstation Installation
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Scientific Linux 5 Installation

System Installation

Follow the instructions on
http://linux.web.cern.ch/linux/scientific5/docs/install.shtml

  1. Create Boot image for 64 bit systems
  2. Select http as installation method
  3. Installation server is: linuxsoft.cern.ch
  4. Installation path is: /cern/slc5X/x86_64/
  5. keep default partition layout
  6. set host name: e.g. serret.physics.purdue.edu

Customize System

http://www.physics.purdue.edu/PCN/doc/wiki/doku.php?id=wiki:procedures:self_maintained:linux

  1. Create /data
    mkdir /data 
    chmod a+rwx /data
    
    All users should create their own directory in /data (e.g. mkdir /data/norbert) to store their local data.
  2. yum install am_utils
  3. /etc/hosts
     
  4. /etc/group
    zh:x:1399:
    phys:x:1109:
    cms:x:500:
    
  5. Install CUPS printers:
    #/etc/cups/client.conf
    ServerName spool.physics.purdue.edu
    
  6. /etc/krb5
    [libdefaults]
     default_realm = CERN.CH
     ticket_lifetime = 25h
     renew_lifetime = 120h
     forwardable = true
     proxiable = true
    
    [realms]
     CERN.CH = {
      default_domain = cern.ch
      kpasswd_server = afskrb5m.cern.ch
      admin_server = afskrb5m.cern.ch
      kdc = afsdb3.cern.ch
      kdc = afsdb1.cern.ch
      kdc = afsdb2.cern.ch
    
      v4_name_convert = {
         host = {
             rcmd = host
         }
      }
     }
    ; the external institutes info is completely static for now and comes
    ; straight from the NCM template
     FNAL.GOV = {
      default_domain = fnal.gov
      admin_server = krb-fnal-admin.fnal.gov
      kdc = krb-fnal-1.fnal.gov:88
      kdc = krb-fnal-2.fnal.gov:88
      kdc = krb-fnal-3.fnal.gov:88
     }
    
     CENTRAL.PURDUE.LCL = {
      kdc = 128.210.63.203
      kdc = 1061cendc01.central.purdue.lcl
      admin_server = 1061cendc01.central.purdue.lcl
      default_domain = 1061cendc01.central.purdue.lcl
     }
    
    [domain_realm]
     .cern.ch = CERN.CH
     .fnal.gov = FNAL.GOV
     .central.purdue.lcl = CENTRAL.PURDUE.LCL
     central.purdue.lcl = CENTRAL.PURDUE.LCL
    
    [appdefaults]
    ; options for Red Hat pam_krb5-2
     pam = {
       external = true
       krb4_convert = false
       krb4_convert_524 = false
       krb4_use_as_req = false
       ticket_lifetime = 25h
     }
    
    
  7. /etc/yp.conf
    domain purdue-pcn broadcast
    
  8. /etc/ldap.conf
    host volta.physics.purdue.edu
    base dc=physics,dc=purdue,dc=edu
    uri ldaps://volta.physics.purdue.edu
    ssl start_tls
    ssl on
    ldap_version 3
    tls_checkpeer yes
    tls_cacertfile /usr/share/purple/ca-certs/Thawte_Premium_Server_CA.pem
    tls_cacertdir /etc/openldap/cacerts
    # you may need to symlink Thawte_Premium_Server_CA.pem in /etc/openldap/cacerts
    rootbinddn cn=admin,dc=physics,dc=purdue,dc=edu
    
    pam_password md5
    
    binddn cn=unsupported,dc=physics,dc=purdue,dc=edu
    bindpw *********
    
  9. ln -s /bin/bash /usr/local/bin/bash/
  10. nsswitch
  11. /etc/sysconfig/authoconfig
     
  • No labels