Scientific Linux 5 Installation
System Installation
Follow the instructions on
http://linux.web.cern.ch/linux/scientific5/docs/install.shtml
- Create Boot image for 64 bit systems
- Select http as installation method
- Installation server is: linuxsoft.cern.ch
- Installation path is: /cern/slc5X/x86_64/
- keep default partition layout
- set host name: e.g. serret.physics.purdue.edu
Customize System
http://www.physics.purdue.edu/PCN/doc/wiki/doku.php?id=wiki:procedures:self_maintained:linux
- Create /data
All users should create their own directory in /data (e.g. mkdir /data/norbert) to store their local data.
mkdir /data chmod a+rwx /data
- yum install am_utils
- /etc/amd.home
#comment: amd.home map /defaults fs:=/net/${rhost}/home;\ opts:=rw,bg,grpid,intr,nosuid,nodevs,quota,proto=udp,vers=3,\ rsize=8192,wsize=8192,timeo=8,retrans=4;\ rfs:=/net/${rhost}/home;\ sublink:=${key};\ type:=nfsl nneumeis rfs:=/net/${rhost}/home/u;fs:=/net/${rhost}/home/u;rhost:=aristotle #-- Special Entries motif type:=error .htaccess type:=error tomb type:=link;sublink:=.;fs:=/lost+found #-- This is necessary for amanda(8) to work -- BE CAREFUL IN THE EXTREME -- operator os==freebsd4;rhost:=aristotle \ os==freebsd3;rhost:=aristotle \ os==freebsd5;rhost:=aristotle \ os==solaris2;rhost:=aristotle \ rhost:=london #-- All other accounts # Everbody else falls back to a * entry * rhost:=aristotle - /etc/hosts
128.210.67.230 newton newton.physics.purdue.edu 128.210.67.227 aristotle aristotle.physics.purdue.edu
- /etc/group
zh:x:1399: phys:x:1109: cms:x:500:
- Install CUPS printers:
#/etc/cups/client.conf ServerName spool.physics.purdue.edu
- /etc/krb5
[libdefaults] default_realm = CERN.CH ticket_lifetime = 25h renew_lifetime = 120h forwardable = true proxiable = true [realms] CERN.CH = { default_domain = cern.ch kpasswd_server = afskrb5m.cern.ch admin_server = afskrb5m.cern.ch kdc = afsdb3.cern.ch kdc = afsdb1.cern.ch kdc = afsdb2.cern.ch v4_name_convert = { host = { rcmd = host } } } FNAL.GOV = { default_domain = fnal.gov admin_server = krb-fnal-admin.fnal.gov kdc = krb-fnal-1.fnal.gov:88 kdc = krb-fnal-2.fnal.gov:88 kdc = krb-fnal-3.fnal.gov:88 } CENTRAL.PURDUE.LCL = { kdc = 128.210.63.203 kdc = 1061cendc01.central.purdue.lcl admin_server = 1061cendc01.central.purdue.lcl default_domain = 1061cendc01.central.purdue.lcl } [domain_realm] .cern.ch = CERN.CH .fnal.gov = FNAL.GOV .central.purdue.lcl = CENTRAL.PURDUE.LCL central.purdue.lcl = CENTRAL.PURDUE.LCL [appdefaults] pam = { external = true krb4_convert = false krb4_convert_524 = false krb4_use_as_req = false ticket_lifetime = 25h } - /etc/yp.conf
domain purdue-pcn broadcast
- /etc/ldap.conf
host volta.physics.purdue.edu base dc=physics,dc=purdue,dc=edu uri ldaps://volta.physics.purdue.edu ssl start_tls ssl on ldap_version 3 tls_checkpeer yes tls_cacertfile /usr/share/purple/ca-certs/Thawte_Premium_Server_CA.pem tls_cacertdir /etc/openldap/cacerts # you may need to symlink Thawte_Premium_Server_CA.pem in /etc/openldap/cacerts rootbinddn cn=admin,dc=physics,dc=purdue,dc=edu pam_password md5 binddn cn=unsupported,dc=physics,dc=purdue,dc=edu bindpw *********
- ln -s /bin/bash /usr/local/bin/bash/
- nsswitch
- /etc/sysconfig/authconfig
USEMD5=no USECRACKLIB=yes USEDB=no USEHESIOD=no USELDAP=yes USENIS=yes USEPASSWDQC=no USEWINBIND=no USEAFSKERBEROS=no USEKERBEROS=no USELDAPAUTH=yes USESHADOW=yes USESMBAUTH=no USEWINBINDAUTH=no USELOCAUTHORIZE=yes PASSWDALGORITHM=md5
- /etc/ssh/ssh_config
#
GSSAPIAuthentication yes GSSAPIDelegateCredentials yes GSSAPITrustDNS yes PubkeyAuthentication no PasswordAuthentication yes
/usr/sbin/lcm --configure ntpd afsclt /usr/sbin/lcm --configure srvtab /sbin/chkconfig --add afs /sbin/chkconfig --add amd /sbin/chkconfig amd on /sbin/service amd start
- /etc/passwd
nneumeis:x:139702:1109:Norbert Neumeister,PHYSICS 374,767 494 5198,:/home/u/nneumeis:/bin/tcsh