These instructions are for installing GNU/Linux onto a PC. If you have existing data or an operating system on the machine you are installing on, ensure that you know what you are doing, and that you have a full backup in case you overwrite anything you meant to keep.

1. Use the torrent to download the installation CDs from here, and burn the iso for the first CD. I boot from the first CD when installing, but install from an NFS exported directory on another machine as this tends to avoid problems reading the CDs.
2. Boot from the first CD.
3. Enter linux askmethod to install in graphical mode and to do a network install.
4. Leave the language as English (English) and select OK.
5. Select the United Kingdom keyboard and select OK.
6. Select NFS image when prompted for installation method and select OK.
7. De-select Enable IPv6 support when prompted to configure TCP/IP and select OK.
8. Enter the NFS server name and the Fedora Core directory amd select OK. The directory must be exported on the server, and its firewall must allow NFS exports.
9. After running anaconda the grapical installation screen will be displayed. Click Next.
10. Select Install Fedora Core and click Next.
11. Select Create custom layout and click Next.
12. Delete any existing partitions and create the new ones according to the size of the hard drive(s). The /common and /img directories are non standard ones I create for my own use.

    fanny: 40Gb hard drive
    hda1		150 MB		/boot
    hda2		4,000 MB		/home
    hda3		3,500 MB		/var
    hda5		2,000 MB		/tmp
    hda6		1,000 MB		(swap)
    hda7		27,500 MB		/

    gina: 80Gb hard drive
    hda1		1,000 MB		/boot
    hda2		37,000 MB		/
    hda3		17,500 MB		/home
    hda5		4,000 MB		/var
    hda6		4,000 MB		/tmp
    hda7		10,000 MB		/common
    hda8		3,000 MB		/img
    hda9		2,000 MB		(swap)

    jenny: 190Gb hard drive
    hda1		1,000 MB		/boot
    hda2		112,000 MB		/
    hda3		22,000 MB		/home
    hda5		25,000 MB		/var
    hda6		5,000 MB		/tmp
    hda7		20,000 MB		/common
    hda8		3,000 MB		/img
    hda7		2,000 MB		(swap)

    Click Next.
13. Leave the GRUB settings unchanged and click Next.
14. Leave the Network Devices settings unchanged (i.e. use DHCP). Set the hostname, e.g. fanny.stevesearle.com. Click Next.
15. Select Europe/London and System clock uses UTC and Next.
16. Set and confirm the Root Password and click Next.
17. Select Office and Productivity and Software Development and Customize now. Click Next.
18. Select/deselect packages as follows.

    Desktop Environments	Select KDE (K Desktop Environment)
    Applications	Editors	Deselect vim-enhanced (I prefer to build my own version)
    	Games and Entertainment	Select kdegames
    	Graphical Internet	Deselect evolution
    	Graphical Internet	Select gftp
    	Office/Productivity	Select gnucash
    	Sound and Video	Select k3b
    	Text-based Internet	Deselect mutt (I prefer to build my own version)
    Development	Select KDE Software Development
    Servers	MySQL Database	mysql-devel

    Click Next.
19. Click Next and continue the installation.

Click on Reboot when the installation is complete.

1. Click Forward at the Welcome screen.
2. Accept the license and click Forward.
3. Accept the default firewall settings (only SSH allowed) and click Forward.
4. Change SELinux Setting: to Disabled and click Forward. Click Yes when prompted about rebooting.
5. Select Network Time Protocol at the Date and Time screen. Select Enable Network Time Protocol and add and delete time servers as appropriate. Click Forward.
6. Set yourself up as a user and click Forward.
7. Test the sound card and click Finish.
8. Set an appropriate screen resolution and click Forward.
9. Click OK at the reboot prompt.

 #      load  "dri"

Contents

By default, Fedora installs with a number of daemons that I don't need. Turning these off saves system resources and makes the machine more secure.

• avahi-daemon : An implementation of zeroconf.
• bluetooth, hidd : Bluetooth support (unless required).
• cpuspeed : Throttles CPU runtime frequency.
• firstboot : Runs the first time a machine is booted after an install.
• irqbalance : Increases performance on multiprocessor systems.
• isdn : Only required for ISDN modems.
• lm_sensors : Only required for monitoring motherboard sensors.
• mdmonitor : Monitors software raid and LVM information.

 # chkconfig avahi-daemon off
 # service avahi-daemon stop
 # chkconfig bluetooth off
 # service bluetooth stop
 # chkconfig hidd off
 # service hidd stop
 # chkconfig cpuspeed off
 # service cpuspeed stop
 # chkconfig firstboot off
 # service firstboot stop
 # chkconfig irqbalance off
 # service irqbalance stop
 # chkconfig isdn off
 # service isdn stop
 # chkconfig lm_sensors off
 # service lm_sensors stop
 # chkconfig mdmonitor off
 # service mdmonitor stop

Contents

By default, FC6 uses the yum-updatesd daemon to tell the user when updates are available, and then user can then manually download and install them. I prefer to stop this daemon, and create a cron job to download and install any yum updates. Stop the daemon and prevent it re-starting with:

# service yum-updatesd stop
# chkconfig yum-updatesd off

Create the following bash script in /etc/cron.daily

#!/bin/bash

yum -y update

exit 0

Run yum to update any RPM packages that are out of date.

# yum update

Clean the old yum headers occaisionally with a monthly cron job to run.

yum clean all

Now use yum to install the following:

• bittorrent - for downloading distros, etc.
• multitail - view and colorise multiple log files
• pan - newsreader
• sendmail-cf - needed for sendmail configuration
• switchdesk - interface for choosing the desktop environment
• unison - used to replicate directories between machines
• Xfce - lightweight desktop environment
• XMMS - X MultiMedia System
• Xorg X11 Server SDK - used when building the NVIDIA video driver
• screensavers - get them all :-)
• gnome-screensaver - removing this reverts the system to xscreensaver, which allows many more configuration options
• perl-gettext - perl module used by t-prot
• qiv - fast image viewer that works nicely in mailcap for mutt

# yum install bittorrent-gui
# yum install multitail
# yum install pan
# yum install sendmail-cf
# yum install switchdesk-gui
# yum install unison
# yum groupinstall XFCE
# yum install xfce*
# yum install xmms*
# yum install xorg-x11-server-sdk
# yum install xscreensaver*
# yum remove gnome-screensaver
# yum install perl-gettext
# yum install qiv

Add a yum repo by saving this file to /etc/yum.repos.d and then install the flash plugin.

# yum install flash-plugin

Contents

Customise the shell prompt by adding the following lines to the end of /etc/bashrc.

 ColourFuscia="\[\033[0;36m\]"
 ColourGreen="\[\033[0;32m\]"
 ColourDefault="\[\033[0m\]"
 
 # Set green to red if root
 if [ "$UID" = "0" ]; then
        ColourGreen="\[\033[1;31m\]"
 fi
 
 PS1="$ColourGreen($ColourFuscia\u@\h$ColourGreen:$ColourFuscia\w$ColourGreen)$ColourFuscia\\$ $ColourDefault"

Change the resolution of the virtual terminals (running on Ctrl-Alt-1 through Ctrl-Alt-6). Edit /boot/grub/grub.conf and add vga=791 to the end of the menu kernel line, e.g.

 kernel /vmlinuz-2.4.20-30.9 ro root=LABEL=/ hda=ide-scsi vga=790

790 produces a 1024x768 resolution with 32,768 colours. You could use any of the following (if you video card supports them).

Keep /tmp tidy. Create a script in /etc/cron.daily containing the following lines. It will delete files and directories that are more than a week old.

 find /tmp -mtime +7 -type f -print -exec rm {} ";"
 find /tmp -empty -mtime +7 -type d -print -exec rm -rf {} ";"

Contents

Sendmail is a mail transfer agent. MTAs are used to transfer messages between machines. Normally Sendmail will send out any mail with headers showing it as coming from the local client - in my case a from address of steve@gina.stevesearle.com. So the following changes to the Sendmail configuration make it look as if the email has come from steve@stevesearle.com. To do this, the following lines are added to the /etc/mail/sendmail.mc file (uncomment - remove dnl ... dnl - and edit where neccessary). The MAIL_HUB line is added at the end of the first block of defines and causes email that would otherwise have been delivered to a local user on the machine to be sent to the network mail server.

 ...
 define(`SMART_HOST', `marilyn.stevesearle.com.')
 ...
 define(`MAIL_HUB', `relay:stevesearle.com.')
 ...
 MASQUERADE_AS(`stevesearle.com')
 ...
 FEATURE(masquerade_envelope)
 ...

Note that the EXPOSED_USER line in /etc/mail/sendmail.mc will prevent mail sent by root from being masqueraded, this should be removed if this is a problem.

Regenerate the /etc/mail/sendmail.cf (note the sendmail-cf package must be installed for this to work, and no warnings are displayed if it isn't installed).

 # make -C /etc/mail

Fire up system-config-network. With eth0 selected, click on Edit. Under DHCP Settings, change the Hostname (optional): so that only the machine name, and NOT the domain name is specified, e.g. gina not gina.stevesearle.com. Click on OK, then deactivate then activate.

Restart sendmail.

 # service sendmail restart

Create a .forward file to ensure that any mail to root gets read. Ensure that it is only writable by the user, otherwise it will be ignored.

 # chmod 644 ~/.forward

Contents

Add mount points for any NFS exports from other machines, by editing /etc/fstab and adding the appropriate lines, e.g.

 hayley:/backups        /backups        nfs     rsize=8192,wsize=8192

This would automatically mount hayley's /backups directory under /backups on this machine. (Permission would have to be granted on hayley via the /etc/exports file to allow this.) Don't forget to create the /backups directories on the local machine.

Contents

I run an old machine as a backup device. A backup folder is NFS exported to the rest of the network, and each machine runs a cron tar job to back up various files and directories.

Contents

These instructions have been derived from the excelent SpamAssassin-ClamAV-Procmail-Howto.

Download Clam AntiVirus to /tmp.

Create a user group and user.

 # groupadd clamav
 # useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

Install.

 $ cd /tmp
 $ tar -xzf clamav-0.80.tar.gz
 $ cd clamav-0.80
 $ ./configure
 $ make
 $ su -c "make install"

Edit both /usr/local/etc/clamd.conf and /usr/local/etc/freshclam.conf and remove or comment out the Example directive.

 ...
 # Comment or remove the line below.
 # Example
 ...

Create /etc/init.d/clamd as follows.

#!/bin/bash

 TMPDIR=/tmp
 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin

 case "$1" in
        start)
                echo "Starting ClamAV..."
                if [ -S /tmp/clamd ]; then
                        echo "ClamAV is already running!"
                else
                        /usr/local/bin/freshclam -d -c 10 --datadir=/usr/local/share/clamav
                        /usr/local/sbin/clamd
                fi
                echo "ClamAV is now up and running!"
        ;;
        stop)
                echo "Shutting down ClamAV..."
                array=(`ps ax | grep -iw '/usr/local/bin/freshclam' | grep -iv 'grep' \
                        | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`)
                element_count=${#array[@]}
                index=0
                while [ "$index" -lt "$element_count" ]
                do
                        kill -9 ${array[$index]}
                        let "index = $index + 1"
                done
                array=(`ps ax | grep -iw '/usr/local/sbin/clamd' | grep -iv 'grep' \
                        | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`)
                element_count=${#array[@]}
                index=0
                while [ "$index" -lt "$element_count" ]
                do
                        kill -9 ${array[$index]}
                        let "index = $index + 1"
                done
                if [ -S /tmp/clamd ]; then
                        rm -f /tmp/clamd
                fi
                echo "ClamAV stopped!"
        ;;
        restart)
                $0 stop && sleep 3
                $0 start
        ;;
        *)
                echo "Usage: $0 {start|stop|restart}"
                exit 1
 esac
 exit 0

Make it executable and start it.

 # chmod  755 /etc/init.d/clamd
 # /etc/init.d/clamd start

Make it start at boot up and stop at close down.

 # ln -s /etc/init.d/clamd /etc/rc2.d/S20clamd
 # ln -s /etc/init.d/clamd /etc/rc3.d/S20clamd
 # ln -s /etc/init.d/clamd /etc/rc4.d/S20clamd
 # ln -s /etc/init.d/clamd /etc/rc5.d/S20clamd
 # ln -s /etc/init.d/clamd /etc/rc0.d/K20clamd
 # ln -s /etc/init.d/clamd /etc/rc1.d/K20clamd
 # ln -s /etc/init.d/clamd /etc/rc6.d/K20clamd

Schedule the following command to run regualry to check for viruses.

 /usr/local/bin/clamscan -ir --stdout /

Contents

Uptimed is used to keep track of the highest uptimes my GNU/Linux computers have.

Download it, and build and install it with

 $ cd /tmp
 $ tar -xjf uptimed-0.3.1.tar.bz2
 $ cd uptimed-0.3.1
 $ ./configure
 $ make
 $ su -c "make install"

Then add the following to /etc/rc.d/rc.sysinit to create a unique id each time the server is booted.

 echo "Creating unique uptime daemon bootid..."
 /usr/local/sbin/uptimed -b

Now add these lines to /etc/rc.d/rc.local to start the uptime daemon.

 echo "Starting uptime daemon..."
 /usr/local/sbin/uptimed

Rename uptimed.conf-dist

 # mv /usr/local/etc/uptimed.conf-dist /usr/local/etc/uptimed.conf

then edit this to set the EMAIL and SEND_EMAIL variables.

Reboot and enter:

 $ uprecords

to see how long the server has been up for.

Contents

Download various perl modules as follows. Getopt::Mixed is needed for t-prot. You need to be on-line for this.

 # perl -MCPAN -e shell
 cpan> install MD5
 cpan> install Bundle::CPAN
 cpan> reload CPAN
 
 cpan> install Getopt::Mixed
 cpan> exit

Contents

Install Webmin, a browser based tool for administering and configuring the system.

The tarball should be un-tarred in /usr/local or similar, as this is just configured in the directory it was un-tarred in.

 # cd /usr/local
 # tar -xzf webmin-1.130.tar.gz
 # cd webmin-1.130
 # ./setup.sh

If you want to access the webmin from another machine, you need to change the firewall settings. Add the following line to /etc/sysconfig/iptables (immediately before the -A RH_Firewall-1-INPUT -j... line).

 -A RH-Firewall-1-INPUT -p tcp -m tcp -m state --dport 10000 --state NEW -j ACCEPT

Restart the firewall.

 # service iptables restart

Contents

Download and install Vim, the best editor around.

 $ cd /tmp
 $ tar -xjf vim-6.2.tar.bz2
 $ cd vim62
 $ make
 $ su -c "make install"

Add the following line to your /etc/bashrc, to make Vim the default editor for mutt, crontab, etc. The "-f" will prevent it forking when invoked, and will avoid the update encoding warning when editing an email.

 export EDITOR="gvim -f"

Contents

Mutt is my email client of choice. Dowload it and build it.

 $ cd /tmp
 $ tar -xzf mutt-1.4.2.1i.tar.gz
 $ cd mutt-1.4.2.1
 $ ./configure --enable-pop --enable-imap --with-ssl
 $ su -c "make install"

Now install urlview, a utility that will fire up the browser to display any URLs in any emails.

 $ cd /tmp
 $ tar -xzf urlview-0.9.tar.gz
 $ cd urlview-0.9
 $ ./configure
 $ make
 $ su -c "make install"
 $ su -c "cp url_handler.sh /usr/local/bin"

Edit /usr/local/bin/url_handler.sh to select the preferred browser. Change any occurances of /usr/X11R6/bin/netscape to /usr/bin/firefox.

Contents

Install MPlayer which is brilliant for watching mpegs, etc. Build and install it.

 $ cd /tmp
 $ tar -xjf essential-20060611.tar.bz2
 $ cd essential-20060611
 $ su -c "mkdir /usr/local/lib/codecs"
 $ su -c "cp * /usr/local/lib/codecs"
 $ cd /tmp
 $ tar -xjf MPlayer-0.92.tar.bz2
 $ cd MPlayer-0.92
 $ ./configure --enable-gui --enable-largefiles --enable-menu
 $ make
 $ su -c "make install"
 $ cd /tmp
 $ tar -xjf font-arial-iso-8859-1.tar.bz2
 $ cd font-arial-iso-8859-1/font-arial-18-iso-8859-1
 $ su -c "cp * /usr/local/share/mplayer/font"
 $ cd /tmp
 $ tar -xjf Blue-1.4.tar.bz2
 $ su -c "cp -r Blue /usr/local/share/mplayer/skins/default"

Enter gmplayer to run the gui version.

Contents

Keychain is a script that makes the use of ssh-agent to ssh into other machines without entering passwords simple and easy. This section was put together with using Kimmo Suominen's Getting started with SSH. Download and install Keychain with

 $ cd /tmp
 $ tar -xjf keychain-2.0.3.tar.bz2
 $ cd keychain-2.0.3
 $ su -c "install -m0755 keychain /usr/bin/keychain"

Generate a public/private dsa key pair.

 $ ssh-keygen -t dsa
 $ ssh-keygen -t rsa

Enter a passphrase when prompted. Then copy the public keys to all the machines you wish to connect to.

 $ scp ~/.ssh/id_dsa.pub steve@emma:

On the machine you wish to connect to, add the contents of the file you have just copied to authorized_keys in .ssh directory. Also make sure that only you can write to the .ssh directory and the authorized_keys file.

 $ cd     
 $ cat id_dsa.pub >> ~/.ssh/authorized_keys
 $ chmod go-w .ssh .ssh/authorized_keys

Now alter ~/.bash_profile to run keychain when you log in. If it is not already running, it will be started and you will be prompted for the passphrase, but then this will be remembered until the machine is rebooted.

 keychain ~/.ssh/id_rsa ~/.ssh/id_dsa
 . ~/.keychain/${HOSTNAME}-sh

Contents

HTML Tidy is a great application for tidying up HTML source code. Download it to /tmp and build and install with

 $ cd /tmp
 $ tar -xzf tidy_src.tgz
 $ cd tidy
 $ /bin/sh build/gnuauto/setup.sh
 $ ./configure --prefix=/usr
 $ make
 $ su -c "make install"

Contents

I use KDirStat to monitor diskspace and identify what it is being used for. It is a great utility that graphically represents file sizes, so that you can easily identify where and who the largest users of filespace are.

Download it to /tmp and build and install with

 $ cd /tmp
 $ tar -xjf kdirstat-2.4.0.tar.bz2
 $ cd kdirstat-2.4.0
 $ ./configure
 $ make
 $ su -c "make install"

Contents

The following steps are personal customisations I setup for my own user.

To share a set of personal files in my user, I have a directory on the server that is mounted on each workstation. A similar situation exists so I can easily maintain the development version of my web site. These are setup as follows.

Add these lines to /etc/fstab.

 ingrid:/home/steve/share  /home/steve/share       nfs     user,exec,rsize=8192,wsize=8192
 ingrid:/var/www/steve     /home/steve/www         nfs     user,rsize=8192,wsize=8192

Then create mountpoints and mount these files.

 $ cd ~
 $ mkdir share
 $ mount share
 $ mkdir www
 $ mount www

Now create links to my standard muttrc, vimrc amd sig files and gpg directory.

 $ cd ~
 $ ln -s share/.muttrc
 $ ln -s share/.vimrc
 $ ln -s share/.signature
 $ ln -s share/.gnupg

Now setup the directory for the Mutt SSL certificates file.

 $ cd ~
 $ mkdir .mutt

Now create an icon on the panel to run Mutt. Right-click on the panel and select Add to Panel.... Select Custom Application Launcher. Set Name: to Mutt, Comment: to Email client and command: to terminal --geometry 120x40 --hide-menubar -t "Mutt" -x mutt. Click on Icon: and select an appropriate one. Click OK.

Now set GNOME to use Mutt as the default mail client. From the Desktop menu select Preferences -> More Preferences -> Preferred Applications and select Mutt as the Mail Reader.

Right-click on the original panel email icon and remove it. Remove other panel icons as preferred.

Use the shared Firefox bookmark file. In Firefox, enter about:config as the URL. Right click on the screen, and select New -> String. Set the preference name to browser.bookmarks.file and the string value to /home/steve/share/.bookmarks.html. Exit Firefox, and restart.

Contents