Difference between revisions of "Desktop Setup - Ubuntu 10.04"
(→MADA Related Stuff) |
(→MADA Related Stuff) |
||
(6 intermediate revisions by 2 users not shown) | |||
Line 75: | Line 75: | ||
increase (add) the inotify watches in /etc/sysctl.conf | increase (add) the inotify watches in /etc/sysctl.conf | ||
− | echo -e "\nfs.inotify.max_user_watches = 65535" | tee -a /etc/sysctl.conf | + | echo -e "\nfs.inotify.max_user_watches = 65535 \nkernel.randomize_va_space = 0" | tee -a /etc/sysctl.conf |
* 8 - Replicate the installation on Master machine (mascd12, dhcp-63-154.cse.ucsc.edu) | * 8 - Replicate the installation on Master machine (mascd12, dhcp-63-154.cse.ucsc.edu) | ||
Line 85: | Line 85: | ||
Select all default options EXCEPT! for ion3: acknowledge the lack of support (non-default option) | Select all default options EXCEPT! for ion3: acknowledge the lack of support (non-default option) | ||
apt-get dselect-upgrade -y | apt-get dselect-upgrade -y | ||
− | |||
==MADA Related Stuff== | ==MADA Related Stuff== | ||
Line 119: | Line 118: | ||
Create /ect/krb5.conf | Create /ect/krb5.conf | ||
− | scp <username>@ | + | scp <username>@mascd1:/etc/krb5.conf /etc/ |
Copy the ldap certificate | Copy the ldap certificate | ||
− | scp <username>@ | + | scp <username>@mascd1:/etc/ssl/certs/* /etc/ssl/certs/ |
Create "/etc/auth-client-config/profile.d/krb-ldap-config" | Create "/etc/auth-client-config/profile.d/krb-ldap-config" | ||
− | scp <username>@ | + | scp <username>@mascd1:/etc/auth-client-config/profile.d/krb-ldap-config /etc/auth-client-config/profile.d/krb-ldap-config |
auth-client-config -a -p krb_ldap | auth-client-config -a -p krb_ldap | ||
Update ldap.conf | Update ldap.conf | ||
− | scp <username>@ | + | scp <username>@mascd1:/etc/ldap.conf /etc/ldap.conf |
− | scp <username>@ | + | scp <username>@mascd1:/etc/ldap/ldap.conf /etc/ldap/ldap.conf |
Now you should be able to execute: | Now you should be able to execute: | ||
Line 152: | Line 151: | ||
Now, you should see people with "getent passwd" but, calling "su - cormac" should say "permission denied", but, calling "su - renau" should work. | Now, you should see people with "getent passwd" but, calling "su - cormac" should say "permission denied", but, calling "su - renau" should work. | ||
− | * 15 - Restart your computer: | + | * 15 - Since the LDAP has timeouts, setup the local backup |
+ | |||
+ | apt-get install nss-updatedb | ||
+ | nss_updatedb ldap | ||
+ | cd /etc/cron.hourly/ | ||
+ | scp mada1:/etc/cron.hourly/nss_updatedb-ldap.sh . | ||
+ | scp mada1:/etc/nsswitch.conf /etc | ||
+ | |||
+ | * 16 - Restart your computer: | ||
shutdown -r now | shutdown -r now | ||
− | * | + | * 17 - Login to the GUI with your SOE login information. If you get a prompt asking for an "LDAP Password" this means that you typed your password incorrectly. |
− | * | + | * 18 - Remove old desktop configuration files (KDE / GNOME / browser) |
NOTE: Removing ".config" will delete any saved passwords in your browser, but will fix other problems. | NOTE: Removing ".config" will delete any saved passwords in your browser, but will fix other problems. | ||
Line 163: | Line 170: | ||
rm -rf .config .kde* .gconf* .gnome* | rm -rf .config .kde* .gconf* .gnome* | ||
− | * | + | * 19 - Some Minor Patches for things that don't work properly |
Disable apparmor | Disable apparmor | ||
Line 169: | Line 176: | ||
sudo update-rc.d -f apparmor remove | sudo update-rc.d -f apparmor remove | ||
− | * | + | * 20 - Add bash as default shell |
cd /bin | cd /bin | ||
ln -sf bash sh | ln -sf bash sh | ||
− | * | + | * 21 - Using QEMU and ARM in 32 bit mode. We need to install 32 bit libraries for this (as root). |
sudo apt-get install g++-multilib lib32z1 lib32z1-dev lib32ncurses5 lib32ncurses5-dev | sudo apt-get install g++-multilib lib32z1 lib32z1-dev lib32ncurses5 lib32ncurses5-dev | ||
− | * | + | * 22 - Miscellanous Kate and Kwrite text editors |
sudo apt-get install kate kwrite emacs22-gtk emacs22 | sudo apt-get install kate kwrite emacs22-gtk emacs22 | ||
− | * | + | * 23 - Make sure that there is no file indexing (beagle) |
sudo apt-get purge beagle | sudo apt-get purge beagle | ||
− | * | + | * 24 - Add to /etc/crontab to maintain same time (13:13 use any other random time) |
− | echo -e "13 13 * * * root /usr/sbin/ntpdate | + | echo -e "13 13 * * * root /usr/sbin/ntpdate ntp.ucsc.edu" | sudo tee -a /etc/crontab |
− | * | + | * 25 - Add a freenx server to your desktop |
sudo add-apt-repository ppa:freenx-team | sudo add-apt-repository ppa:freenx-team | ||
Line 195: | Line 202: | ||
sudo apt-get install freenx-server | sudo apt-get install freenx-server | ||
− | * | + | * 26 - Add sendmail (no external forwarding) |
apt-get purge exim4 | apt-get purge exim4 | ||
apt-get install sendmail | apt-get install sendmail | ||
cd /etc/mail/ | cd /etc/mail/ | ||
− | scp mada0:/etc/mail/sendmail. | + | scp mada0:/etc/mail/alias* . |
− | scp mada0:/etc/mail/ | + | scp mada0:/etc/mail/sendmail.* . |
+ | scp mada0:/etc/mail/generi* . | ||
chmod 777 /var/spool/mqueue | chmod 777 /var/spool/mqueue | ||
/etc/init.d/sendmail restart | /etc/init.d/sendmail restart | ||
Line 252: | Line 260: | ||
* OPTIONAL: Download GPU Computing SDK code samples http://developer.download.nvidia.com/compute/cuda/3_2/sdk/gpucomputingsdk_3.2_linux.run. This will be installed in your home directory by default. | * OPTIONAL: Download GPU Computing SDK code samples http://developer.download.nvidia.com/compute/cuda/3_2/sdk/gpucomputingsdk_3.2_linux.run. This will be installed in your home directory by default. | ||
+ | |||
+ | |||
+ | ==Installing grid-engine (server)== | ||
+ | |||
+ | |||
+ | * Firewall | ||
+ | |||
+ | ufw allow in 6444 | ||
+ | ufw allow in 6445 | ||
+ | |||
+ | * packages | ||
+ | |||
+ | apt-get purge gridengine-exec | ||
+ | apt-get install gridengine-exec gridengine-client | ||
+ | |||
+ | * Set SGE master | ||
+ | |||
+ | echo "mada0.cse.ucsc.edu" >/var/lib/gridengine/default/common/act_qmaster | ||
+ | |||
+ | * Start daemon (do not wait for the next reboot) | ||
+ | |||
+ | /etc/init.d/gridengine-exec restart |
Latest revision as of 20:13, 22 December 2010
Currently still testing the distribution, so please report any problems to Ian and Jose!!
- 0 - Install Ubuntu 10.04 x86_64
NOTE: ONLY if you have trouble with Step 4 of the installation process, the partition selection, open a terminal in the trial mode and run:
sudo dmraid -r -E /dev/sda
NOTE: When prompted for a username, choose one that is NOT your SOE login! For example "ian_local" rather than my SOE login of "ianlee1521". Otherwise you will not be able to login to your computer after you setup LDAP.
NOTE: When prompted for a machine name, enter the name that machine is supposed to be (mascd1, omelette, quiche, etc)
Installation should complete as normal.
Contents
Plain Ubuntu Installation
- 1 - Enable root account
Login to the GUI with your local login, then open a terminal (Applications -> Accessories -> Terminal):
sudo su - passwd
Enter your new root password for the machine.
Add your local and SOE logins to the sudoers list:
vim /etc/sudoers
- 2 - Install NVIDIA Drivers
Blacklist some kernel modules
vim /etc/modprobe.d/blacklist.conf
Add the following lines to the file
blacklist vga16fb blacklist nouveau blacklist rivafb blacklist nvidiafb blacklist rivatv
Get rid of any installed NVIDIA drivers:
sudo apt-get --purge remove nvidia-*
Reboot the machine. X11 will not start. Switch to a terminal (CTRL + ALT + F1), and login as root:
wget http://us.download.nvidia.com/XFree86/Linux-x86_64/256.53/NVIDIA-Linux-x86_64-256.53.run chmod 744 NVIDIA-Linux-x86_64-256.53.run service gdm stop ./NVIDIA-Linux-x86_64-256.53.run
Reboot the machine and X should start normally. Login at the GUI login as root and open a terminal.
- 3 - Setup the new repo
apt-get install -y emdebian-archive-keyring echo -e "\ndeb http://www.emdebian.org/debian/ lenny main" | tee -a /etc/apt/sources.list apt-get update -y apt-get dist-upgrade -y
- 4 - Setup the cross package
apt-get install -y apt-cross dpkg-cross libncurses5-dev
- 5 - Instal ARM packages
apt-get install -y libc6-armel-cross libc6-dev-armel-cross apt-get install -y binutils-arm-linux-gnueabi gcc-4.3-arm-linux-gnueabi g++-4.3-arm-linux-gnueabi apt-get install -y linux-libc-dev-armel-cross apt-get install -y uboot-mkimage
- 6 - Install SPARC packages
apt-get install -y libc6-sparc-cross libc6-dev-sparc-cross apt-get install -y binutils-sparc-linux-gnu gcc-4.3-sparc-linux-gnu g++-4.3-sparc-linux-gnu apt-get install -y linux-libc-dev-sparc-cross
- 7 - Adjust sysctl options
mmap problem for qemu
vim /etc/sysctl.d/10-zeropage.conf
Edit the following value:
vm.mmap_min_addr = 4096
increase (add) the inotify watches in /etc/sysctl.conf
echo -e "\nfs.inotify.max_user_watches = 65535 \nkernel.randomize_va_space = 0" | tee -a /etc/sysctl.conf
- 8 - Replicate the installation on Master machine (mascd12, dhcp-63-154.cse.ucsc.edu)
ssh <username>@mascd12 dpkg --get-selections > mypackages.txt dpkg --set-selections < mypackages.txt
"apt-get dselect-upgrade -y" Will give many options and take a long time for the upgrade (about an hour for me).
Select all default options EXCEPT! for ion3: acknowledge the lack of support (non-default option)
apt-get dselect-upgrade -y
MADA Related Stuff
- 9 - Install autofs
Create mada directory
mkdir /mada
Get autofs files from another machine
scp <username>@mascd12:/etc/auto.* /etc/ ln -s /mada/users /soe initctl reload autofs
- 10 - awk for cadence
apt-get install -y ksh csh original-awk ln -s /usr/bin/awk /bin/awk
- 11 - Set the firewall
ufw enable ufw default deny ufw reject auth ufw limit ssh/tcp
- 12 - Get tempcap from another ubuntu machine (mascd1, mascd12, ...)
scp <username>@mascd12:/usr/lib64/libtermcap.so.2.0.8 /usr/lib64/ ln -s /usr/lib64/libtermcap.so.2.0.8 /usr/lib64/libtermcap.so.2
- 13 - LDAP
Install
apt-get install -y ldap-auth-client libpam-krb5 krb5-user libsasl2-modules-gssapi-mit
Leave the kerberos config entry blank. You will copy it in the next step.
Create /ect/krb5.conf
scp <username>@mascd1:/etc/krb5.conf /etc/
Copy the ldap certificate
scp <username>@mascd1:/etc/ssl/certs/* /etc/ssl/certs/
Create "/etc/auth-client-config/profile.d/krb-ldap-config"
scp <username>@mascd1:/etc/auth-client-config/profile.d/krb-ldap-config /etc/auth-client-config/profile.d/krb-ldap-config auth-client-config -a -p krb_ldap
Update ldap.conf
scp <username>@mascd1:/etc/ldap.conf /etc/ldap.conf scp <username>@mascd1:/etc/ldap/ldap.conf /etc/ldap/ldap.conf
Now you should be able to execute:
ldapsearch -x LLL
- 14 - Lock SOE people out of your machine :)
scp <username>@mascd12:/etc/security/access.conf /etc/security/access.conf
You will need to add your local login to the machine, or you will lock yourself out:
vim /etc/security/access.conf
Go to very bottom of file and add your local user account to the list below root Example of the last lines of my file (Replace "ian_local" with your local login):
+ : root : ALL + : nx : ALL + : ian_local : ALL + : (masc) : ALL + : (vlsi) : ALL -:ALL :ALL
Now, you should see people with "getent passwd" but, calling "su - cormac" should say "permission denied", but, calling "su - renau" should work.
- 15 - Since the LDAP has timeouts, setup the local backup
apt-get install nss-updatedb nss_updatedb ldap cd /etc/cron.hourly/ scp mada1:/etc/cron.hourly/nss_updatedb-ldap.sh . scp mada1:/etc/nsswitch.conf /etc
- 16 - Restart your computer:
shutdown -r now
- 17 - Login to the GUI with your SOE login information. If you get a prompt asking for an "LDAP Password" this means that you typed your password incorrectly.
- 18 - Remove old desktop configuration files (KDE / GNOME / browser)
NOTE: Removing ".config" will delete any saved passwords in your browser, but will fix other problems.
Logout of / kill any open X sessions. Switch to tty1 (CTRL + ALT + F1), and login with your SOE account.
rm -rf .config .kde* .gconf* .gnome*
- 19 - Some Minor Patches for things that don't work properly
Disable apparmor
sudo invoke-rc.d apparmor stop sudo update-rc.d -f apparmor remove
- 20 - Add bash as default shell
cd /bin ln -sf bash sh
- 21 - Using QEMU and ARM in 32 bit mode. We need to install 32 bit libraries for this (as root).
sudo apt-get install g++-multilib lib32z1 lib32z1-dev lib32ncurses5 lib32ncurses5-dev
- 22 - Miscellanous Kate and Kwrite text editors
sudo apt-get install kate kwrite emacs22-gtk emacs22
- 23 - Make sure that there is no file indexing (beagle)
sudo apt-get purge beagle
- 24 - Add to /etc/crontab to maintain same time (13:13 use any other random time)
echo -e "13 13 * * * root /usr/sbin/ntpdate ntp.ucsc.edu" | sudo tee -a /etc/crontab
- 25 - Add a freenx server to your desktop
sudo add-apt-repository ppa:freenx-team sudo apt-get update sudo apt-get install freenx-server
- 26 - Add sendmail (no external forwarding)
apt-get purge exim4 apt-get install sendmail cd /etc/mail/ scp mada0:/etc/mail/alias* . scp mada0:/etc/mail/sendmail.* . scp mada0:/etc/mail/generi* . chmod 777 /var/spool/mqueue /etc/init.d/sendmail restart
Installing CUDA 3.2
You will need sudo access to install CUDA 3.2. It can only be installed on machines with NVIDIA GPUS.
- Download the following
- Developer Drivers for Linux (260.24) http://developer.download.nvidia.com/compute/cuda/3_2/drivers/devdriver_3.2_linux_64_260.24.run
- CUDA Toolkit for Ubuntu Linux 10.04 http://developer.download.nvidia.com/compute/cuda/3_2/toolkit/cudatoolkit_3.2.9_linux_64_ubuntu10.04.run
Move these files to your home directory.
- Make sure the following kernel modules are blacklisted
sudo vim /etc/modprobe.d/blacklist.conf
If not already present, add the following lines to the file
blacklist vga16fb blacklist nouveau blacklist rivafb blacklist nvidiafb blacklist rivatv
- Get rid of any installed NVIDIA drivers:
sudo apt-get --purge remove nvidia-*
- Reboot the machine. X11 will not start. Switch to a terminal (CTRL + ALT + F1), and login.
- Stop X11
sudo service gdm stop
- Install the downloaded device driver first.
sudo devdriver_3.2_linux_64_260.24.run
- Accept the license agreement.
- Install NVIDIA's 32-bit compatibility OpenGL libraries? Answer: YES
- Would you like to run the nvidia-xconfig utility to automatically update your X configuration file so that the NVIDIA X driver will be used when you restart X? Answer: YES
- Install the CUDA toolkit (nvcc etc. )
sudo cudatoolkit_3.2.9_linux_64_ubuntu10.04.run
Choose default options. CUDA will be installed in the /usr/local/cuda directory. When the installation is complete, you will be asked to make changes to your INCLUDE and LD_LIBRARY_PATH env. variables.
- Reboot and login.
- OPTIONAL: Download GPU Computing SDK code samples http://developer.download.nvidia.com/compute/cuda/3_2/sdk/gpucomputingsdk_3.2_linux.run. This will be installed in your home directory by default.
Installing grid-engine (server)
- Firewall
ufw allow in 6444 ufw allow in 6445
- packages
apt-get purge gridengine-exec apt-get install gridengine-exec gridengine-client
- Set SGE master
echo "mada0.cse.ucsc.edu" >/var/lib/gridengine/default/common/act_qmaster
- Start daemon (do not wait for the next reboot)
/etc/init.d/gridengine-exec restart