Difference between revisions of "Desktop Setup - Ubuntu 12.04"

From Vlsiwiki
Jump to: navigation, search
(MADA Related Stuff)
Line 102: Line 102:
 
  ln -s /mada/users /soe
 
  ln -s /mada/users /soe
 
  initctl reload autofs
 
  initctl reload autofs
 +
 +
/etc/auto.mada should use nfs4. Something like this:
 +
users              -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users
 +
software            -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software
  
 
* 7 - awk for cadence
 
* 7 - awk for cadence

Revision as of 07:18, 2 February 2013

Currently still testing the distribution, so please report any problems to Ehsan and Jose!!

  • 0 - Install Ubuntu 12.04 x86_64

NOTE: ONLY if you have trouble with Step 4 of the installation process, the partition selection, open a terminal in the trial mode and run:

sudo dmraid -r -E /dev/sda

NOTE: When prompted for a username, choose one that is NOT your SOE login! For example "ian_local" rather than my SOE login of "ianlee1521". Otherwise you will not be able to login to your computer after you setup LDAP.

NOTE: When prompted for a machine name, enter the name that machine is supposed to be (mascd1, omelette, quiche, etc)

Installation should complete as normal.



Plain Ubuntu Installation

  • 1 - Enable root account

Login to the GUI with your local login, then open a terminal (Applications -> Accessories -> Terminal):

sudo su - 
passwd

Enter your new root password for the machine.

Add your local and SOE logins to the sudoers list:

vi /etc/sudoers
  • 2 - Install NVIDIA Drivers

Blacklist some kernel modules

vi /etc/modprobe.d/blacklist.conf

Add the following lines to the file

blacklist vga16fb
blacklist nouveau
blacklist rivafb
blacklist nvidiafb
blacklist rivatv

Get rid of any installed NVIDIA drivers (you are already root, if not use with sudo):

apt-get --purge remove nvidia-* 
apt-get update
apt-get install nvidia-current


Reboot the machine and X should start normally. Login at the GUI login as root and open a terminal.

  • 3 - Setup the new repo
scp <username>@mada0:/etc/apt/sources.list /etc/apt/sources.list
apt-get update -y
apt-get dist-upgrade -y


  • 4 - Adjust sysctl options

mmap problem for qemu

vi /etc/sysctl.d/10-zeropage.conf

Edit the following value:

vm.mmap_min_addr = 4096

increase (add) the inotify watches in /etc/sysctl.conf

echo -e "\nfs.inotify.max_user_watches = 65535 \nkernel.randomize_va_space = 0" | tee -a /etc/sysctl.conf
  • 5 - Replicate the installation on Master machine (mascd12, dhcp-63-154.cse.ucsc.edu)

The current apt-get/dpkg releases have problem. So we need to work around the problems that is going to happen in this process.

ssh <username>@mascd12 dpkg --get-selections > dpkg.list
dpkg --set-selections < dpkg.list
apt-get update -y
echo "libdb5.1-java:i386    deinstall" | dpkg --set-selections
echo "libsensors4:i386    deinstall" | dpkg --set-selections
echo "libapt-pkg4.12:i386    deinstall" | dpkg --set-selections

"apt-get dselect-upgrade -y" Will give many options and take a long time for the upgrade (about an hour for me). Select all default options.

apt-get dselect-upgrade -y

It most likely will fail, complaining unable to install libapt-pkg4.12:i386, etc. You might need to repeat this until the apt-get dselect-upgrade finished gracefully. Pay attention to the error message. If it asks you to do 'apt-get install -f', then do so!

finalized the installed packages so far:

dpkg --configure -a

then remove the problematic packages from the package selecting list, and run the apt-get dselect-upgrade again :

echo "libdb5.1-java:i386    deinstall" | dpkg --set-selections
echo "libsensors4:i386    deinstall" | dpkg --set-selections
echo "libapt-pkg4.12:i386    deinstall" | dpkg --set-selection
apt-get dselect-upgrade -y

MADA Related Stuff

  • 6 - Install autofs

Create mada directory

mkdir /mada

Get autofs files from another machine

apt-get install -y autofs 
scp <username>@mascd12:/etc/auto.* /etc/
ln -s /mada/users /soe
initctl reload autofs
/etc/auto.mada should use nfs4. Something like this:

users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software

  • 7 - awk for cadence
apt-get install -y ksh csh original-awk
ln -s /usr/bin/awk /bin/awk
  • 8 - Set the firewall
ufw enable
ufw default deny
ufw reject auth
ufw limit ssh/tcp
  • 9 - Get tempcap from another ubuntu machine (mascd1, mascd12, ...), and some lib preparation:
mkdir /usr/lib64
scp <username>@mascd12:/usr/lib64/libtermcap.so.2.0.8 /usr/lib64/
ln -s /usr/lib64/libtermcap.so.2.0.8 /usr/lib64/libtermcap.so.2
ln -sf /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.4 /usr/lib/libtiff.so.3
  • 10 - LDAP

Install

apt-get install -y ldap-auth-client libpam-krb5 krb5-user libsasl2-modules-gssapi-mit

Leave the kerberos config entry blank. You will copy it in the next step.

Create /ect/krb5.conf

scp <username>@mascd1:/etc/krb5.conf /etc/

Copy the ldap certificate

scp <username>@mascd1:/etc/ssl/certs/* /etc/ssl/certs/

Create "/etc/auth-client-config/profile.d/krb-ldap-config"

scp <username>@mascd1:/etc/auth-client-config/profile.d/krb-ldap-config /etc/auth-client-config/profile.d/krb-ldap-config
auth-client-config -a -p krb_ldap

Update ldap.conf

scp <username>@mascd1:/etc/ldap.conf /etc/ldap.conf
scp <username>@mascd1:/etc/ldap/ldap.conf /etc/ldap/ldap.conf

Now you should be able to execute:

ldapsearch -x LLL
  • 11 - Lock SOE people out of your machine :)
scp <username>@mascd12:/etc/security/access.conf /etc/security/access.conf

You will need to add your local login to the machine, or you will lock yourself out:

vim /etc/security/access.conf

Go to very bottom of file and add your local user account to the list below root Example of the last lines of my file (Replace "ian_local" with your local login):

+ : root : ALL
+ : nx   : ALL
+ : ian_local : ALL
+ : (masc) : ALL
+ : (vlsi) : ALL
-:ALL :ALL 

Now, you should see people with "getent passwd" but, calling "su - cormac" should say "permission denied", but, calling "su - renau" should work.

  • 12 - Since the LDAP has timeouts, setup the local backup
apt-get install nss-updatedb
nss_updatedb ldap
cd /etc/cron.hourly/
scp <username>@mada1:/etc/cron.hourly/nss_updatedb_ldap .
scp <username>@mada1:/etc/nsswitch.conf /etc
  • 13 - Edit lines passwd and group in /etc/nsswitch.conf so that they are as follows (involves adding db before ldap)
 sudo vi /etc/nsswitch.conf
 passwd:         files db ldap 
 group:          files db ldap
  • 14 - Allow other accounts to be shown at the login screen, and disable Guest user.
 sudo vi /etc/lightdm/lightdm.conf
 

add the following lines to lightdm.conf

greeter-show-manual-login=true
allow-guest=false


  • 15 - Restart your computer:
shutdown -r now
  • 16 - Login to the GUI with your SOE login information. If you get a prompt asking for an "LDAP Password" this means that you typed your password incorrectly.
  • 17 - Remove old desktop configuration files (KDE / GNOME / browser)

NOTE: Removing ".config" will delete any saved passwords in your browser, but will fix other problems. NOTE: You can use kubuntu(KDE), gnome, unity, or awesome as desktop/windows manager.

Logout of / kill any open X sessions. Switch to tty1 (CTRL + ALT + F1), and login with your SOE account.

rm -rf .config .kde* .gconf* .gnome* .awesome*
  • 18 - Some Minor Patches for things that don't work properly

Disable apparmor

sudo invoke-rc.d apparmor stop
sudo update-rc.d -f apparmor remove
  • 19 - Add bash as default shell
cd /bin
sudo ln -sf bash sh
  • 20 - Using QEMU and ARM in 32 bit mode. We need to install 32 bit libraries for this (as root).
sudo apt-get install g++-multilib libxext-dev:i386 -y
  • 21 - Ruby Gems
 sudo apt-get install ruby rubygems
 sudo gem install --remote builder colored cucumber diff-lcs gherkim nanoc2 polyglot rake rgl rspec stream treetop 
 sudo gem install cri --version 1.0.1 
  • 22 - Install some fonts
 sudo apt-get install libtiff4 t1-xfree86-nonfree ttf-xfree86-nonfree ttf-xfree86-nonfree-syriac xfonts-75dpi xfonts-100dpi


  • 23 - Make sure that there is no file indexing (beagle)
sudo apt-get purge beagle
  • 24 - Add to /etc/crontab to maintain same time (13:13 use any other random time)
echo -e "13 13   * * *   root    /usr/sbin/ntpdate ntp.ucsc.edu" | sudo tee -a /etc/crontab
  • 25 - Add a freenx server to your desktop
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:freenx-team
sudo apt-get update
sudo apt-get install freenx-server
  • 26 - Add sendmail (no external forwarding)
sudo apt-get purge exim4
sudo apt-get install sendmail
cd /etc/mail/
sudo scp <username>@mada0:/etc/mail/alias* .
sudo scp <username>@mada0:/etc/mail/sendmail.* .
sudo scp <username>@mada0:/etc/mail/generi* .
sudo chmod 777 /var/spool/mqueue
sudo /etc/init.d/sendmail restart


  • 27- Install extra tools (should have been installed through dpkg --set-selection)
 sudo apt-get install -y git-core libjpeg62 
 sudo apt-get install -y libglib2.0-dev
 sudo apt-get install -y bison flex
 sudo apt-get install -y libboost-dev
 sudo apt-get install -y ack-grep
 sudo apt-get install -y cmake
 sudo apt-get install -y gridengine-client libtool mutrace
 sudo apt-get install -y texlive-latex-base texlive-latex-extra texlive-latex-recommended preview-latex-style latex-xcolor latex-beamer texlive-science texlive-fonts-recommended
 sudo apt-get install -y okular
  • 28 - Copy libtermcap needed by some synopsys aps
 sudo scp <username>@mada0:/usr/lib/libtermcap.so.2.0.8 /usr/lib/.
 sudo ln -s libtermcap.so.2.0.8 libtermcap.so.2
  • 29 - Manually install glib for i386, and get some more 32 bit libs.
 cd /lib/i386-linux-gnu
 sudo tar zxvf /mada/software/libg.tar

Upgrade from Ubuntu 10.04

  • 1- sudo apt-get dist-upgrade -y
  • 2- Upgrade to Ubuntu 1.10:
 https://help.ubuntu.com/community/MaverickUpgrades

Installing grid-engine (server)

  • Firewall
ufw allow in 6444
ufw allow in 6445
  • packages
apt-get purge gridengine-exec
apt-get install gridengine-exec gridengine-client
  • Set SGE master
echo "mada0.cse.ucsc.edu" >/var/lib/gridengine/default/common/act_qmaster
  • Start daemon (do not wait for the next reboot)
/etc/init.d/gridengine-exec restart

Setting up CUPS for Printing

  • 1. Make sure cups and cups-bsd are installed:
 sudo apt-get install cups
  • 2. Go to /etc/cups directory:
 cd /etc/cups
  • 3. Add file called "client.conf" with this in it (you may need sudo access to create new file):
 ServerName cups-01.cse.ucsc.edu
 ServerName spooler4.cse.ucsc.edu
 spooler4.cse.ucsc.edu
  • 4. Save the client.conf file and restart the cups server:
 /etc/init.d/cups restart
  • You should now be able to print. If you are not seeing a list of printer or are getting an error saying something like "client error: forbidden", then your machine does not have access to the VLAN printer network. Contact the IT tech staff and this issue should be resolved (Eric Shell helped with this).