Fedora 7 is out, and it installed without
any serious problems on my test workstation. So now it is here are
the instructions for installing and configuring it on my main
workstations.
These instructions
are for installing GNU/Linux onto a PC. If you have existing data
or an operating system on the machine you are installing on, ensure
that you know what you are doing, and that you have a full backup
in case you overwrite anything you meant to keep.
Use the torrent to download the installation DVD . Mount
the DVD on a loop mount, and copy the vmlinuz and initrd.img
files into the boot directory of the CD to be installed. Then
edit its grub.conf to boot directly into this installation
kernel, without using any CDs. The installation can now be done
from an NFS exported directory.| 40Gb hard drive | ||||
| hda1 | 150 MB | /boot | ||
| hda2 | 4,000 MB | /home | ||
| hda3 | 3,500 MB | /var | ||
| hda5 | 2,000 MB | /tmp | ||
| hda6 | 1,000 MB | (swap) | ||
| hda7 | 27,500 MB | / | ||
| 80Gb hard drive | ||||
| hda1 | 1,000 MB | /boot | ||
| hda2 | 37,000 MB | / | ||
| hda3 | 17,500 MB | /home | ||
| hda5 | 4,000 MB | /var | ||
| hda6 | 4,000 MB | /tmp | ||
| hda7 | 10,000 MB | /common | ||
| hda8 | 3,000 MB | /img | ||
| hda9 | 2,000 MB | (swap) | ||
| 190Gb hard drive | ||||
| hda1 | 1,000 MB | /boot | ||
| hda2 | 112,000 MB | / | ||
| hda3 | 22,000 MB | /home | ||
| hda5 | 25,000 MB | /var | ||
| hda6 | 5,000 MB | /tmp | ||
| hda7 | 20,000 MB | /common | ||
| hda8 | 3,000 MB | /img | ||
| hda7 | 2,000 MB | (swap) | ||
| Desktop Environments | Select KDE (K Desktop Environment) | |
| Applications | Editors | Deselect vim-enhanced (I prefer to build my own version) |
| Graphical Internet | Deselect evolution and evolution-webcal | |
| Text-based Internet | Deselect mutt (I prefer to build my own version) | |
| Development | Select KDE Software Development |
Click on Reboot when the installation is complete.
By default, Fedora installs with a number of daemons that nay not be needed. Turning these off saves system resources and makes the machine more secure. I stop:
# chkconfig avahi-daemon off # service avahi-daemon stop # chkconfig bluetooth off # service bluetooth stop # chkconfig hidd off # service hidd stop # chkconfig cpuspeed off # service cpuspeed stop # chkconfig irqbalance off # service irqbalance stop # chkconfig isdn off # service isdn stop # chkconfig lm_sensors off # service lm_sensors stop # chkconfig mcstrans off # service mcstrans stop # chkconfig mdmonitor off # service mdmonitor stop # chkconfig setroubleshoot off # service setroubleshoot stop
By default, FC6 uses
the yum-updatesd daemon to tell the user when updates are
available, and then user can then manually download and install
them. I prefer to stop this daemon, and create a cron job to
download and install any yum updates. Stop the daemon and prevent
it re-starting with:
# service yum-updatesd stop # chkconfig yum-updatesd off
Run yum to update any RPM packages that are out of date.
# yum update
Create the following bash script in /etc/cron.daily
#!/bin/bash yum -y update exit 0
Clean the old yum headers occaisionally with a monthly cron job to run.
yum clean all
Now use yum to install the following:
# yum install multitail # yum install pan # yum install sendmail-cf # yum install switchdesk-gui # yum install unison # yum groupinstall XFCE # yum install xfce* # yum install xmms* # yum install xscreensaver* # yum remove gnome-screensaver # yum install perl-gettext # yum install qiv # yum install mail-notification # yum install gnucash # yum install gftp # yum install mysql # yum install grip # yum install lame # yum install easytag # yum install system-config-language # yum install k3b
Add a yum repo by downloading this rpm, installing it and then using yum to install the flash plugin.
# rpm -Uvh adobe-release-1.0-0.noarch.rpm # yum install flash-plugin
Set the correct locale for the UK by running system-config-language and selecting English (Great Britain).
Customise the shell prompt by adding the following lines to the end of /etc/bashrc.
ColourFuscia="\[\033[0;36m\]" ColourGreen="\[\033[0;32m\]" ColourDefault="\[\033[0m\]" # Set green to red if root if [ "$UID" = "0" ]; then ColourGreen="\[\033[1;31m\]" fi PS1="$ColourGreen($ColourFuscia\u@\h$ColourGreen:$ColourFuscia\w$ColourGreen)$ColourFuscia\\$ $ColourDefault"
Change the resolution of the virtual terminals (running on Ctrl-Alt-1 through Ctrl-Alt-6). Edit /boot/grub/grub.conf and add vga=791 to the end of the menu kernel line, e.g.
kernel /vmlinuz-2.4.20-30.9 ro root=LABEL=/ hda=ide-scsi vga=790
790 produces a 1024x768 resolution with 32,768 colours. You could use any of the following (if you video card supports them).
| Colours | 640x480 | 800x600 | 1024x768 | 1280x1024 | 1600x1200 |
| 256 | 769 | 771 | 773 | 775 | 796 |
| 32,768 | 784 | 787 | 790 | 793 | 797 |
| 65,536 | 785 | 788 | 791 | 794 | 798 |
| 16.8M | 786 | 789 | 792 | 795 | 799 |
Keep /tmp tidy. Create a script in /etc/cron.daily containing the following line. It will delete files and directories that are more than a week (168 hours) old.
tmpwatch --mtime --verbose --verbose 168 /tmp
Sendmail is a mail transfer agent.
MTAs are used to transfer messages between machines. Normally
Sendmail will send out any mail with headers showing it as coming
from the local client - in my case a from address of
steve@gina.stevesearle.com. So the following changes to the
Sendmail configuration make it look as if the email has come from
steve@stevesearle.com. To do this, the following lines are added to
the /etc/mail/sendmail.mc file (uncomment - remove dnl ... dnl -
and edit where neccessary). The 'MAIL_HUB' line is added at the end
of the first block of defines and causes email that would otherwise
have been delivered to a local user on the machine to be sent to
the network mail server.
... define(`SMART_HOST', `magpie.stevesearle.com.') ... define(`MAIL_HUB', `relay:stevesearle.com.') ... MASQUERADE_AS(`stevesearle.com') ... FEATURE(masquerade_envelope) ...
Note that the 'EXPOSED_USER' line in /etc/mail/sendmail.mc will prevent mail sent by root from being masqueraded, this should be removed if this is a problem.
Regenerate the /etc/mail/sendmail.cf (note the sendmail-cf package must be installed for this to work, and no warnings are displayed if it isn't installed).
# make -C /etc/mail
Fire up system-config-network. With eth0 selected, click on Edit. Under DHCP Settings, change the Hostname (optional): so that only the machine name, and NOT the domain name is specified, e.g. gina not gina.stevesearle.com. Click on OK, then deactivate then activate.
Restart sendmail.
# service sendmail restart
Change /etc/aliases so that root's email is redirected to your own account.
... root: steve
Now run newaliases for the change to be shown through sendmail.
# newaliases
Add mount points for any NFS exports from other machines, by editing /etc/fstab and adding the appropriate lines, e.g.
hayley:/backups /backups nfs rsize=8192,wsize=8192
This would automatically mount hayley's /backups directory under /backups on this machine. (Permission would have to be granted on hayley via the /etc/exports file to allow this.) Don't forget to create the /backups directories on the local machine.
I run an old machine as a backup device. A backup folder is NFS exported to the rest of the network, and each machine runs a cron tar job to back up various files and directories.
These instructions have been derived
from the excelent SpamAssassin-ClamAV-Procmail-Howto.
Download Clam AntiVirus to /tmp.
Create a user group and user.
# groupadd clamav # useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
Install.
$ cd /tmp $ tar -xzf clamav-0.80.tar.gz $ cd clamav-0.80 $ ./configure $ make $ su -c "make install"
Edit both /usr/local/etc/clamd.conf and /usr/local/etc/freshclam.conf and remove or comment out the 'Example' directive.
... # Comment or remove the line below. # Example ...
Create /etc/init.d/clamd as follows.
#!/bin/bash
TMPDIR=/tmp
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin
case "$1" in
start)
echo "Starting ClamAV..."
if [ -S /tmp/clamd ]; then
echo "ClamAV is already running!"
else
/usr/local/bin/freshclam -d -c 10 --datadir=/usr/local/share/clamav
/usr/local/sbin/clamd
fi
echo "ClamAV is now up and running!"
;;
stop)
echo "Shutting down ClamAV..."
array=(`ps ax | grep -iw '/usr/local/bin/freshclam' | grep -iv 'grep' \
| awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`)
element_count=${#array[@]}
index=0
while [ "$index" -lt "$element_count" ]
do
kill -9 ${array[$index]}
let "index = $index + 1"
done
array=(`ps ax | grep -iw '/usr/local/sbin/clamd' | grep -iv 'grep' \
| awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`)
element_count=${#array[@]}
index=0
while [ "$index" -lt "$element_count" ]
do
kill -9 ${array[$index]}
let "index = $index + 1"
done
if [ -S /tmp/clamd ]; then
rm -f /tmp/clamd
fi
echo "ClamAV stopped!"
;;
restart)
$0 stop && sleep 3
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
Make it executable and start it.
# chmod 755 /etc/init.d/clamd # /etc/init.d/clamd start
Make it start at boot up and stop at close down.
# ln -s /etc/init.d/clamd /etc/rc2.d/S20clamd # ln -s /etc/init.d/clamd /etc/rc3.d/S20clamd # ln -s /etc/init.d/clamd /etc/rc4.d/S20clamd # ln -s /etc/init.d/clamd /etc/rc5.d/S20clamd # ln -s /etc/init.d/clamd /etc/rc0.d/K20clamd # ln -s /etc/init.d/clamd /etc/rc1.d/K20clamd # ln -s /etc/init.d/clamd /etc/rc6.d/K20clamd
Schedule the following command to run regualry to check for viruses.
/usr/local/bin/clamscan -ir --stdout /
Uptimed is used to keep track of the highest uptimes my GNU/Linux computers have.
Download it, and build and install it with
$ cd /tmp $ tar -xjf uptimed-0.3.1.tar.bz2 $ cd uptimed-0.3.1 $ ./configure $ make $ su -c "make install"
Then add the following to /etc/rc.d/rc.sysinit to create a unique id each time the server is booted.
echo "Creating unique uptime daemon bootid..." /usr/local/sbin/uptimed -b
Now add these lines to /etc/rc.d/rc.local to start the uptime daemon.
echo "Starting uptime daemon..." /usr/local/sbin/uptimed
Rename uptimed.conf-dist
# mv /usr/local/etc/uptimed.conf-dist /usr/local/etc/uptimed.conf
then edit this to set the EMAIL and SEND_EMAIL variables.
Reboot and enter:
$ uprecords
to see how long the server has been up for.
Download various perl modules as follows. Getopt::Mixed is needed
for t-prot. You need
to be on-line for this.
# perl -MCPAN -e shell cpan> install MD5 cpan> install Bundle::CPAN cpan> reload CPAN cpan> install Net::SSLeay cpan> install Getopt::Mixed cpan> exit
Install Webmin, a browser based tool for
administering and configuring the system.
The tarball should be un-tarred in /usr/local or similar, as this is just configured in the directory it was un-tarred in.
# cd /usr/local # tar -xzf webmin-1.130.tar.gz # cd webmin-1.130 # ./setup.sh
If you want to access the webmin from another machine, you need to change the firewall settings. Add the following line to /etc/sysconfig/iptables (immediately before the '-A RH_Firewall-1-INPUT -j...' line).
# Webmin -A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 10000 --state NEW -j ACCEPT
Restart the firewall.
# service iptables restart
Download and install Vim, the best editor around.
$ cd /tmp $ tar -xjf vim-6.2.tar.bz2 $ cd vim62 $ make $ su -c "make install"
Add the following line to your /etc/bashrc, to make Vim the default editor for mutt, crontab, etc. The "-f" will prevent it forking when invoked, and will avoid the update encoding warning when editing an email.
export EDITOR="gvim -f"
Mutt is my
email client of choice. Dowload it and build it.
$ cd /tmp $ tar -xzf mutt-1.4.2.1i.tar.gz $ cd mutt-1.4.2.1 $ ./configure --enable-pop --enable-imap --with-ssl $ su -c "make install"
Now install urlview, a utility that will fire up the browser to display any URLs in any emails.
$ cd /tmp $ tar -xzf urlview-0.9.tar.gz $ cd urlview-0.9 $ ./configure $ make $ su -c "make install" $ su -c "cp url_handler.sh /usr/local/bin"
Edit /usr/local/bin/url_handler.sh to select the preferred browser. Change any occurances of /usr/X11R6/bin/netscape to /usr/bin/firefox.
Install MPlayer which is brilliant for
watching mpegs, etc. Build and install it.
$ cd /tmp $ tar -xjf essential-20060611.tar.bz2 $ cd essential-20060611 $ su -c "mkdir /usr/local/lib/codecs" $ su -c "cp * /usr/local/lib/codecs" $ cd /tmp $ tar -xjf MPlayer-0.92.tar.bz2 $ cd MPlayer-0.92 $ ./configure --enable-gui --enable-largefiles --enable-menu $ make $ su -c "make install" $ cd /tmp $ tar -xjf font-arial-iso-8859-1.tar.bz2 $ cd font-arial-iso-8859-1/font-arial-18-iso-8859-1 $ su -c "cp * /usr/local/share/mplayer/font" $ cd /tmp $ tar -xjf Blue-1.4.tar.bz2 $ su -c "cp -r Blue /usr/local/share/mplayer/skins/default"
Enter gmplayer to run the gui version.
To use Grip
to rip MP3s, it needs to be configured to use LAME. Use Yum to download them
(see Update
packages).
To use LAME from Grip, change Config->Encode->Encoder and set Encoder executable to /usr/local/bin/lame.
Keychain is a script that makes the use of ssh-agent to ssh into other machines without entering passwords simple and easy. This section was put together with using Kimmo Suominen's Getting started with SSH. Download and install Keychain with
$ cd /tmp $ tar -xjf keychain-2.0.3.tar.bz2 $ cd keychain-2.0.3 $ su -c "install -m0755 keychain /usr/bin/keychain"
Generate a public/private dsa key pair.
$ ssh-keygen -t dsa
Enter a passphrase when prompted. Then copy the public keys to all the machines you wish to connect to.
$ scp ~/.ssh/id_dsa.pub steve@emma:
On the machine you wish to connect to, add the contents of the file you have just copied to authorized_keys in .ssh directory. Also make sure that only you can write to the .ssh directory and the authorized_keys file.
$ cd $ cat id_dsa.pub >> ~/.ssh/authorized_keys $ chmod go-w .ssh .ssh/authorized_keys
Now alter ~/.bash_profile to run keychain when you log in. If it is not already running, it will be started and you will be prompted for the passphrase, but then this will be remembered until the machine is rebooted. Also load the environment variables into the current shell.
...
keychain ~/.ssh/id_dsa
source ~/.keychain/${HOSTNAME}-sh > /dev/null
source ~/.bashrc
Alter ~/.bashrc to load the environment variables into any new shells.
...
source ~/.keychain/${HOSTNAME}-sh > /dev/null
HTML
Tidy is a great application for tidying up HTML source code.
There isn't a tarball generated containing the source code, instead
you check out the code from the CVS repository.
$ cd /tmp $ cvs -d :pserver:anonymous@tidy.cvs.sourceforge.net:/cvsroot/tidy logon CVS password: <Enter> $ cvs -d :pserver:anonymous@tidy.cvs.sourceforge.net:/cvsroot/tidy checkout tidy $ cd tidy $ /bin/sh build/gnuauto/setup.sh $ ./configure --prefix=/usr $ make $ su -c "make install"
I use KDirStat to monitor diskspace
and identify what it is being used for. It is a great utility that
graphically represents file sizes, so that you can easily identify
where and who the largest users of filespace are.
Download it to /tmp and build and install with
$ cd /tmp $ tar -xjf kdirstat-2.4.0.tar.bz2 $ cd kdirstat-2.4.0 $ ./configure $ make $ su -c "make install"
The following steps are personal customisations I setup for my own user.
To share a set of personal files in my user, I have a directory on the server that is mounted on each workstation. A similar situation exists so I can easily maintain the development version of my web site. These are setup as follows.
Add these lines to /etc/fstab.
ingrid:/home/steve/share /home/steve/share nfs user,exec,rsize=8192,wsize=8192 ingrid:/var/www/steve /home/steve/www nfs user,rsize=8192,wsize=8192
Then create mountpoints and mount these files.
$ cd ~ $ mkdir share $ mount share $ mkdir www $ mount www
Now create links to my standard muttrc, vimrc amd sig files and gpg directory.
$ cd ~ $ ln -s share/.muttrc s ln -s share/.mailcap $ ln -s share/.vimrc $ ln -s share/.signature $ ln -s share/.gnupg
Now setup the directory for the Mutt SSL certificates file.
$ cd ~ $ mkdir .mutt
Now create an icon on the panel to run Mutt. Right-click on the panel and select Add to Panel.... Select Custom Application Launcher. Set Name: to Mutt, Comment: to Email client and command: to terminal --geometry 120x40 --hide-menubar -t "Mutt" -x my.mutt. Click on Icon: and select an appropriate one, then click OK (my.mutt is a simple script whuch sets the keychain environmental variables and runs mutt).
Now set GNOME to use Mutt as the default mail client. From the System menu select Preferences -> Personal -> Preferred Applications and select Mutt as the Mail Reader.
Right-click on the original panel email icon and remove it. Remove other panel icons as preferred.
Use the shared Firefox bookmark file. In Firefox, enter about:config as the URL. Right click on the screen, and select New -> String. Set the preference name to browser.bookmarks.file and the string value to /home/steve/share/.bookmarks.html. Exit Firefox, and restart.