Difference between revisions of "Desktop Setup - Manjaro XFCE 8.7.1"
(→SSH) |
(→Vivado Required Libraries) |
||
(155 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
− | |||
==Creating Manjaro Live Installation Media== | ==Creating Manjaro Live Installation Media== | ||
Line 24: | Line 23: | ||
* Right click on ~2G partition and mount it as /boot. The format should be 'ext2'. | * Right click on ~2G partition and mount it as /boot. The format should be 'ext2'. | ||
* Right click on the largest partition (i.e. root) and mount is as '/'. Click Forward. | * Right click on the largest partition (i.e. root) and mount is as '/'. Click Forward. | ||
− | * | + | * Leave grub to be installed in the default partition. |
− | * '''Deselect''' Plymouth login manager. You should install a different login manager later, for instance SLiM. | + | * '''Deselect''' Plymouth login manager. You should install a different login manager later, for instance LightDM (SLiM has been discontinued, thus it is no longer recommended). |
* Review the summary of the changes you have made. And click on 'install'. | * Review the summary of the changes you have made. And click on 'install'. | ||
* Installation wizard should complete as normal. | * Installation wizard should complete as normal. | ||
Line 33: | Line 32: | ||
== Account Setup== | == Account Setup== | ||
− | + | ||
− | + | Enable root account. Open a terminal window. And enter your new root password for the machine | |
+ | sudo su - | ||
+ | passwd | ||
+ | Add your local and SOE logins to the list of sudoers: | ||
+ | vi /etc/sudoers | ||
+ | |||
+ | == Package Installation== | ||
+ | |||
+ | Update all the installed packages on your system. | ||
+ | pacman -Syu | ||
+ | |||
+ | Install ssh (not by default) | ||
+ | pacman -S openssh | ||
+ | |||
+ | Make sure that you have a decent speed mirrorlist | ||
+ | cd /etc/pacman.d | ||
+ | cp mirrorlist mirrorlist.backup | ||
+ | # make sure to uncomment all the USA servers | ||
+ | vim mirrorlist.backup | ||
+ | rankmirrors -n 6 mirrorlist.backup > mirrorlist | ||
+ | |||
+ | Replicate the packages installed in another server (after connecting to the other server) | ||
+ | pacman -Suy | ||
+ | pacman -Qqe | grep -vx "$(pacman -Qqm)" > Packages | ||
+ | |||
+ | Install the packages in your local machine (foo can be packages that fail to install) | ||
+ | cat Packages | grep -v foo | pacman -S --noconfirm - | ||
+ | |||
+ | Alternatively, if you don't want to install all the packages from another server, here is a minimal list of packages that you should install: | ||
+ | |||
+ | pacman -S clang cloc cmake cronie diffutils gdb git gnuplot gzip htop inkscape base-devel mercurial ntp perl ruby tcl texlive-most tk util-linux vim wget xdot xterm yaml-cpp zathura | ||
+ | |||
+ | Another list that you should consider installing: | ||
+ | |||
+ | pacman -S boost cups evince jdk8-openjdk jre8-openjdk | ||
+ | |||
+ | |||
+ | == AUR package manager == | ||
+ | |||
+ | Yaourt, pacaur and aurman have been all discontinued. See a list of current package managers in https://wiki.archlinux.org/index.php/AUR_helpers. | ||
+ | As of today, I am using pikaur, which seems to be functional and stable | ||
+ | |||
+ | |||
+ | === Install === | ||
+ | |||
+ | To install simply type: | ||
+ | |||
+ | sudo pacman -S --needed base-devel git | ||
+ | git clone https://aur.archlinux.org/pikaur.git | ||
+ | cd pikaur | ||
+ | makepkg -fsri | ||
+ | |||
+ | == Usage == | ||
+ | |||
+ | Just use pikaur as you would use pacman or yaourt. | ||
+ | |||
+ | == Firewall Setup== | ||
+ | Setup the firewall: | ||
+ | ufw default deny | ||
+ | ufw reject auth | ||
+ | ufw limit ssh/tcp | ||
+ | ufw logging off | ||
+ | |||
+ | The next line is only needed the first time you install the package. | ||
+ | ufw enable | ||
+ | |||
+ | Follow it by enabling ufw with systemctl. | ||
+ | systemctl enable ufw.service | ||
+ | |||
+ | Finally, query the rules being applied via the status command. | ||
+ | ufw status | ||
== NVIDIA Driver Installation == | == NVIDIA Driver Installation == | ||
Line 52: | Line 121: | ||
== MADA Related Installations == | == MADA Related Installations == | ||
+ | === QEMU/ESESC === | ||
+ | |||
+ | mmap problem for qemu | ||
+ | |||
+ | echo "vm.mmap_min_addr = 4096" >>/etc/sysctl.d/10-esesc.conf | ||
+ | echo "fs.inotify.max_user_watches = 65535" >>/etc/sysctl.d/10-esesc.conf | ||
+ | echo "kernel.randomize_va_space = 0" >>/etc/sysctl.d/10-esesc.conf | ||
+ | |||
+ | restart sysctl | ||
+ | |||
+ | systemctl restart systemd-sysctl.service | ||
+ | |||
=== autofs === | === autofs === | ||
+ | Install autofs and nfs-utils. | ||
+ | pacman -S autofs nfs-utils | ||
Create a mada directory.<br /><pre> mkdir /mada </pre> | Create a mada directory.<br /><pre> mkdir /mada </pre> | ||
− | |||
− | |||
Configure. | Configure. | ||
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/autofs/auto.mada /etc/autofs/ |
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/autofs/auto.master /etc/autofs/ |
When you are done configuring, launch the AutoFS daemon as root: | When you are done configuring, launch the AutoFS daemon as root: | ||
systemctl start autofs | systemctl start autofs | ||
Line 65: | Line 146: | ||
Edit /etc/autofs/auto.mada | Edit /etc/autofs/auto.mada | ||
users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users | users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users | ||
− | software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software | + | software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software |
− | + | ||
− | == | + | If this doesn't work, try instead: |
+ | users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/srv/nfs/users | ||
+ | software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/srv/nfs/software | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Reload autofs | |
− | + | systemctl reload autofs | |
− | + | Now you should be able to access both /mada/users and /mada/software in your /mada directory. You won't see them until you try to access the folders, so try running | |
− | + | ls /mada/users | |
+ | ls /mada/software | ||
+ | ls /mada/ | ||
+ | If you do not see those folders mounted after the third command, autofs was not setup properly. Reconfigure. | ||
− | + | One way to test is to try to manually mount the folders: | |
− | + | ||
+ | mount -t nfs mada0.cse.ucsc.edu:/srv/nfs/software /mada/software | ||
=== SSH === | === SSH === | ||
+ | Enable ssh service | ||
+ | systemctl restart sshd.service | ||
+ | systemctl enable sshd.service | ||
To enable X forwarding. | To enable X forwarding. | ||
vi /etc/ssh/sshd_config | vi /etc/ssh/sshd_config | ||
Make sure X11 forwarding option is set to '''yes''' | Make sure X11 forwarding option is set to '''yes''' | ||
X11Forwarding yes | X11Forwarding yes | ||
+ | |||
+ | Now you should be able to ssh to your machine using the local username you have created. | ||
+ | ssh x_local@mascdx.cse.ucsc.edu | ||
+ | |||
+ | === Add the multilib repo === | ||
+ | |||
+ | (Required for next step) | ||
+ | Edit /etc/pacman.conf to have: | ||
+ | |||
+ | [multilib] | ||
+ | SigLevel = PackageRequired | ||
+ | Include = /etc/pacman.d/mirrorlist | ||
+ | |||
+ | Install multilib gcc and libs | ||
+ | |||
+ | pacman -Suy | ||
+ | pacman -S gcc-multilib binutils | ||
=== LDAP === | === LDAP === | ||
+ | |||
+ | '''Please do not reboot while setting up LDAP until you make sure it works! Otherwise you might end up locking yourself out and having to re-install (or use a usb stick to arch-chroot in)!''' | ||
+ | |||
+ | |||
+ | Also note that current Login Managers (Display Managers) are not handling properly LDAP user lists, so if you installed a Login Manager (LightDM, GDM or other) please disable it. If you find a suitable Login Manager, please note it here as recommended. To disable your Login Manager: | ||
+ | sudo systemctl disable lightdm #or whatever manager you have | ||
+ | |||
+ | If you mess this up, instead of starting over, boot with the flash drive you created, arch_chroot to the installation media and disable it. | ||
Install the following packages. | Install the following packages. | ||
− | pacman -S openldap | + | pacman -S openldap nss nss_ldap pam_ldap cyrus-sasl-ldap lib32-libldap |
− | + | pikaur -A nss_updatedb //Type N to edit build package and Y for installation | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
You have already set your host name as mascdx. Check: | You have already set your host name as mascdx. Check: | ||
Line 115: | Line 219: | ||
Output example: | Output example: | ||
− | ''' | + | '''eno1''' lo |
− | You can use either dhcpcd or NetworkManager to configure the network | + | You can use either dhcpcd or NetworkManager to configure the network. Do not leave both 'active'. |
+ | systemctl stop NetworkManager.service | ||
+ | systemctl disable NetworkManager.service | ||
+ | systemctl enable dhcpcd.service | ||
+ | systemctl start dhcpcd.service | ||
+ | <!-- | ||
Copy LDAP certificates. | Copy LDAP certificates. | ||
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/ssl/certs/* /etc/ssl/certs/ |
+ | --> | ||
+ | Copy LDAP configuration files: | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/openldap/ldap.conf /etc/openldap/ldap.conf | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/nss_ldap.conf /etc/nss_ldap.conf | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/pam_ldap.conf /etc/pam_ldap.conf | ||
+ | scp -r <username>@mada1.cse.ucsc.edu:/etc/openldap/cacerts /etc/openldap/. | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/pam.d/system-auth /etc/pam.d/system-auth | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/pam.d/su-l /etc/pam.d/su-l | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/pam.d/sudo /etc/pam.d/sudo | ||
− | Copy | + | Copy nss switch configuration file. |
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/nsswitch.conf /etc/. |
+ | <!-- | ||
Copy kerberos config file. | Copy kerberos config file. | ||
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/krb5.conf /etc/. |
− | + | --> | |
Now you should be able to execute the following command. | Now you should be able to execute the following command. | ||
ldapsearch -x LLL | ldapsearch -x LLL | ||
Copy imapd configuration file. | Copy imapd configuration file. | ||
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/idmapd.conf /etc/. |
+ | |||
+ | make sure to have a newline at the end of /etc/request-key.d/id_resolver.conf | ||
+ | create id_resolver * * /usr/bin/nfsidmap %k %d | ||
+ | |||
Restrict access to your machine by copying and editing /etc/security/access.conf. | Restrict access to your machine by copying and editing /etc/security/access.conf. | ||
− | scp <username>@ | + | scp <username>@mada1.cse.ucsc.edu:/etc/security/access.conf /etc/security/. |
You will need to add your local login to the machine, or you will lock yourself out. | You will need to add your local login to the machine, or you will lock yourself out. | ||
Line 147: | Line 270: | ||
+ : (masc) : ALL | + : (masc) : ALL | ||
+ : (vlsi) : ALL | + : (vlsi) : ALL | ||
− | + : ( | + | + : (bridge) : ALL |
- : ALL : ALL | - : ALL : ALL | ||
Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work. | Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work. | ||
− | + | Then edit /etc/conf.d/nfs-common.conf, find NEED_IDMAPD and set it to (if you don't have this file, just create it): | |
− | + | NEED_IDMAPD="yes" | |
− | + | To get other users to have access to their home directories on your machine, you should run the following: | |
− | scp <username>@ | + | sudo ln -s /mada/users /soe |
+ | |||
+ | '''If are unable to run ls /soe something is wrong and ldap is not properly set up.''' | ||
+ | |||
+ | You should be able to ssh into your own machine again. Once you have verified that LDAP is working, you may then reboot. | ||
+ | |||
+ | LDAP patch 10/16/14 (if you are doing a new desktop setup, you already have these files) If you are not doing a new desktop setup and your LDAP is broken: | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/nss_ldap.conf /etc/nss_ldap.conf | ||
+ | scp <username>@mada1.cse.ucsc.edu:/etc/pam_ldap.conf /etc/pam_ldap.conf | ||
+ | scp -r <username>@mada1.cse.ucsc.edu:/etc/openldap/cacerts /etc/openldap/. | ||
+ | |||
+ | |||
+ | MDM might give you a hard time. If that is the case, you can install and use lightdm instead. For this porpuse, run the following commands: | ||
+ | pacman -S lightdm | ||
+ | pacman -S lightdm-gtk3-greeter | ||
+ | systemctl stop mdm.service | ||
+ | systemctl disable mdm.service | ||
+ | cp /etc/pam.d/mdm /etc/pam.d/lightdm ; you might want to keep a backup | ||
+ | systemctl enable lightdm.service | ||
+ | systemctl start lightdm.service | ||
== Synopsys Tools Required Libraries == | == Synopsys Tools Required Libraries == | ||
Line 167: | Line 309: | ||
pacman -S $(pacman -Ssq ttf) | pacman -S $(pacman -Ssq ttf) | ||
− | + | Install libtermcap which needed by Synopsys simulator. | |
+ | |||
+ | #Download termcap-2.0.8.tar.gz | ||
+ | wget masc.soe.ucsc.edu/termcap-2.0.8.tar.gz | ||
+ | cd termcap-2.0.8 | ||
+ | #remove .depend file and do "make distclean". | ||
+ | |||
+ | # Build and install | ||
+ | sudo make install | ||
+ | |||
+ | # set link library paths | ||
+ | sudo cp termcap.conf /etc/ld.so.conf.d/ | ||
+ | sudo ldconfig | ||
+ | |||
+ | #png library | ||
+ | pacman -S libpng12 | ||
+ | |||
+ | If the above command doesn't work try: | ||
+ | pikaur -S libpng12 | ||
+ | |||
+ | I also had to install a few old libraries from the AUR: | ||
+ | pikaur -S ncurses5-compat-libs libjpeg6-turbo libtiff3 libmng | ||
+ | |||
+ | If you still have an issue with libmng try | ||
+ | sudo ln -s libmng.so.2 /lib/libmng.so.1 | ||
+ | |||
+ | |||
+ | Try to run dc_shell, and if it complains about missing libraries, it is most likely because it needs older libs (Arch/Manjaro tend to update libs sooner than most distros). | ||
+ | If that is the case, it is most likely that an older version of the library will be available from the AUR (thus install it with pikaur). | ||
+ | |||
+ | == Vivado Required Libraries == | ||
+ | |||
+ | pikaur -S libtinfo libtinfo5 | ||
+ | |||
+ | If you already have /usr/lib/libncurses.so.5 ignore the next step: | ||
+ | |||
+ | sudo ln -s /usr/lib/libncursesw.so /usr/lib/libncurses.so.5 | ||
+ | |||
+ | |||
+ | You may also need to create the following link | ||
+ | |||
+ | sudo ln -s /usr/lib/libncurses.so.5 /usr/lib/libtinfo.so.5 | ||
+ | |||
+ | == Ruby Related Stuff == | ||
+ | |||
+ | The following steps are installing RVM. | ||
+ | |||
+ | * This only needs to be done '''once per user''' since user home directories are shared across machines using NFS. | ||
+ | |||
+ | * Do '''not use root''' when installing RVM. Avoid multi-user setup. Always prefer individual setup from your account. | ||
+ | |||
+ | * We use RVM to support multiple ruby versions. | ||
+ | |||
+ | pacman -S curl | ||
+ | \curl -L https://get.rvm.io | bash -s stable --ruby | ||
+ | |||
+ | On Arch, when installing new rubies, you need to install OpenSSL package and point the ruby installation to it (not sure if this applies to Manjaro as well) | ||
+ | |||
+ | rvm pkg install openssl | ||
+ | rvm install 2.1.0 -C --with-openssl-dir=$HOME/.rvm/usr | ||
+ | |||
+ | == Set Time/crontab == | ||
+ | |||
+ | Install required software | ||
+ | |||
+ | pacman -S ntp | ||
+ | |||
+ | Set timezone and use ntp servers | ||
+ | |||
+ | timedatectl set-timezone America/Los_Angeles | ||
+ | timedatectl set-ntp yes | ||
+ | |||
+ | Setup new crontab | ||
+ | |||
+ | systemctl enable cronie | ||
+ | systemctl start cronie | ||
+ | |||
+ | Open /etc/ntp.conf file in an editor and add UCSC ntp server and remove default servers. When you are done the only server that should be listed in the file is | ||
+ | |||
+ | server ntp.ucsc.edu | ||
+ | |||
+ | == Update All Packages == | ||
+ | Frequently update all of your installed packages. | ||
+ | pacman -Syu | ||
+ | |||
+ | Search for an installed package x. | ||
+ | pacman -Qs | grep x | ||
+ | |||
+ | |||
+ | == Adobe Reader == | ||
+ | |||
+ | For pdf reading, try to stick with your preferred opensource viewer (evince, zathura, okular, ...), but if you do need acroread (for instance to fill a XPA pdf form), you will need the 32bit version of nss_ldap. But first, install acroread from the AUR: | ||
+ | |||
+ | pikaur -S acroread | ||
+ | |||
+ | The best way I found to install it was, download the tar from https://www.archlinux.org/packages/extra/i686/nss_ldap/download/, extract with: | ||
+ | |||
+ | tar xf nss_ldap-265-6-i686.pkg.tar.xz | ||
+ | |||
+ | And copy the library into the acroread folder (most likely you don't want it in your regular include path): | ||
− | + | sudo cp usr/lib/* /opt/Adobe/Reader9/Reader/intellinux/lib/ | |
− | + |
Latest revision as of 00:25, 3 November 2018
Contents
- 1 Creating Manjaro Live Installation Media
- 2 Installing Manjaro XFCE 8.7.1 via Installation Wizard
- 3 Account Setup
- 4 Package Installation
- 5 AUR package manager
- 6 Usage
- 7 Firewall Setup
- 8 NVIDIA Driver Installation
- 9 MADA Related Installations
- 10 Synopsys Tools Required Libraries
- 11 Vivado Required Libraries
- 12 Ruby Related Stuff
- 13 Set Time/crontab
- 14 Update All Packages
- 15 Adobe Reader
Creating Manjaro Live Installation Media
- Download Manjaro XFCE 8.7.1 (1.32 GB)
- Use instructions below on Mac OS X which uses the diskdump "dd" command to dump the iso to the flash drive. --More information: archlinux-USB-flash-installation
diskutil list diskutil unmountDisk /dev/disk2 //flash is connected to disk2 dd of=/dev/disk2 if=/path/to/manjaro-xfce-0.8.7.1-x86_64.iso diskutil eject /dev/disk2
Installing Manjaro XFCE 8.7.1 via Installation Wizard
- Boot from the USB Drive.
- When prompted type in ‘stat’ press enter to select Manjaro Live.
- Click on the Manjaro installation manager icon on the Desktop and walk through the installation process.
- When prompted for a username, choose one that is NOT your SOE login! For example "elnaz_local" rather than my SOE login of "elnaz". Otherwise you will not be able to login to your computer after you setup LDAP.
- When prompted for a machine name, enter the name that machine is supposed to be (mascd11, omelette, quiche, etc)
- Selecting 'Edit Partitioning' will launch gparted which will allow you to delete current partitions and/or add new partitions.
- At least 3 partitions are needed.
- ~2G storage for /boot and select ‘ext2’ as the format.
- At least 8-10G for swap and select ‘linux-swap’ as the format.
- The rest of the storage space can be partitioned as root ‘/‘ with the ‘ext4’ format.
- You can add other partition such as home directory.
- Click on 'Edit' and select 'Apply All Partitions' to save the changes. And quit the program.
- At least 3 partitions are needed.
- Right click on ~2G partition and mount it as /boot. The format should be 'ext2'.
- Right click on the largest partition (i.e. root) and mount is as '/'. Click Forward.
- Leave grub to be installed in the default partition.
- Deselect Plymouth login manager. You should install a different login manager later, for instance LightDM (SLiM has been discontinued, thus it is no longer recommended).
- Review the summary of the changes you have made. And click on 'install'.
- Installation wizard should complete as normal.
NOTE: when partitioning the disk, make sure root and boot partitions are on one disk. Otherwise, you will not be able to boot from hard drive.
Account Setup
Enable root account. Open a terminal window. And enter your new root password for the machine
sudo su - passwd
Add your local and SOE logins to the list of sudoers:
vi /etc/sudoers
Package Installation
Update all the installed packages on your system.
pacman -Syu
Install ssh (not by default)
pacman -S openssh
Make sure that you have a decent speed mirrorlist
cd /etc/pacman.d cp mirrorlist mirrorlist.backup # make sure to uncomment all the USA servers vim mirrorlist.backup rankmirrors -n 6 mirrorlist.backup > mirrorlist
Replicate the packages installed in another server (after connecting to the other server)
pacman -Suy pacman -Qqe | grep -vx "$(pacman -Qqm)" > Packages
Install the packages in your local machine (foo can be packages that fail to install)
cat Packages | grep -v foo | pacman -S --noconfirm -
Alternatively, if you don't want to install all the packages from another server, here is a minimal list of packages that you should install:
pacman -S clang cloc cmake cronie diffutils gdb git gnuplot gzip htop inkscape base-devel mercurial ntp perl ruby tcl texlive-most tk util-linux vim wget xdot xterm yaml-cpp zathura
Another list that you should consider installing:
pacman -S boost cups evince jdk8-openjdk jre8-openjdk
AUR package manager
Yaourt, pacaur and aurman have been all discontinued. See a list of current package managers in https://wiki.archlinux.org/index.php/AUR_helpers. As of today, I am using pikaur, which seems to be functional and stable
Install
To install simply type:
sudo pacman -S --needed base-devel git git clone https://aur.archlinux.org/pikaur.git cd pikaur makepkg -fsri
Usage
Just use pikaur as you would use pacman or yaourt.
Firewall Setup
Setup the firewall:
ufw default deny ufw reject auth ufw limit ssh/tcp ufw logging off
The next line is only needed the first time you install the package.
ufw enable
Follow it by enabling ufw with systemctl.
systemctl enable ufw.service
Finally, query the rules being applied via the status command.
ufw status
NVIDIA Driver Installation
By default, video-nvidia-nouveau is installed. Remove it and install video-nvidia instead.
The following command will list the basic information of all the drivers currently installed on your system.
mhwd -li -d
Filter the drivers used on a hardware with a PCI connection:
mhwd -li -d --pci
To remove the installed driver for nvidia graphics card use the following command.
mhwd -r pci video-nvidia-nouveau
You will also need to manually remove nouveau from the conf file. Edit /etc/mkinitcpio.conf by commenting out the following line.
MODULES=" nouveau"
And install video-nvidia driver
mhwd -i pci video-nvidia
MADA Related Installations
QEMU/ESESC
mmap problem for qemu
echo "vm.mmap_min_addr = 4096" >>/etc/sysctl.d/10-esesc.conf echo "fs.inotify.max_user_watches = 65535" >>/etc/sysctl.d/10-esesc.conf echo "kernel.randomize_va_space = 0" >>/etc/sysctl.d/10-esesc.conf
restart sysctl
systemctl restart systemd-sysctl.service
autofs
Install autofs and nfs-utils.
pacman -S autofs nfs-utilsCreate a mada directory.
mkdir /mada
Configure.
scp <username>@mada1.cse.ucsc.edu:/etc/autofs/auto.mada /etc/autofs/ scp <username>@mada1.cse.ucsc.edu:/etc/autofs/auto.master /etc/autofs/
When you are done configuring, launch the AutoFS daemon as root:
systemctl start autofs
To start the daemon on boot:
systemctl enable autofs
Edit /etc/autofs/auto.mada
users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software
If this doesn't work, try instead:
users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/srv/nfs/users software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/srv/nfs/software
Reload autofs
systemctl reload autofs
Now you should be able to access both /mada/users and /mada/software in your /mada directory. You won't see them until you try to access the folders, so try running
ls /mada/users ls /mada/software ls /mada/
If you do not see those folders mounted after the third command, autofs was not setup properly. Reconfigure.
One way to test is to try to manually mount the folders:
mount -t nfs mada0.cse.ucsc.edu:/srv/nfs/software /mada/software
SSH
Enable ssh service
systemctl restart sshd.service systemctl enable sshd.service
To enable X forwarding.
vi /etc/ssh/sshd_config
Make sure X11 forwarding option is set to yes
X11Forwarding yes
Now you should be able to ssh to your machine using the local username you have created.
ssh x_local@mascdx.cse.ucsc.edu
Add the multilib repo
(Required for next step) Edit /etc/pacman.conf to have:
[multilib] SigLevel = PackageRequired Include = /etc/pacman.d/mirrorlist
Install multilib gcc and libs
pacman -Suy pacman -S gcc-multilib binutils
LDAP
Please do not reboot while setting up LDAP until you make sure it works! Otherwise you might end up locking yourself out and having to re-install (or use a usb stick to arch-chroot in)!
Also note that current Login Managers (Display Managers) are not handling properly LDAP user lists, so if you installed a Login Manager (LightDM, GDM or other) please disable it. If you find a suitable Login Manager, please note it here as recommended. To disable your Login Manager:
sudo systemctl disable lightdm #or whatever manager you have
If you mess this up, instead of starting over, boot with the flash drive you created, arch_chroot to the installation media and disable it.
Install the following packages.
pacman -S openldap nss nss_ldap pam_ldap cyrus-sasl-ldap lib32-libldap pikaur -A nss_updatedb //Type N to edit build package and Y for installation
You have already set your host name as mascdx. Check:
vi /etc/hostname
If it is not set, set it using the following command.
hostnamectl set-hostname mascdx
Now mascdx is in /etc/hostname
Disable Modem Manager.
systemctl disable ModemManager
To get a list of current NIC names use:
ls /sys/class/net
Output example:
eno1 lo
You can use either dhcpcd or NetworkManager to configure the network. Do not leave both 'active'.
systemctl stop NetworkManager.service systemctl disable NetworkManager.service systemctl enable dhcpcd.service systemctl start dhcpcd.service
Copy LDAP configuration files:
scp <username>@mada1.cse.ucsc.edu:/etc/openldap/ldap.conf /etc/openldap/ldap.conf scp <username>@mada1.cse.ucsc.edu:/etc/nss_ldap.conf /etc/nss_ldap.conf scp <username>@mada1.cse.ucsc.edu:/etc/pam_ldap.conf /etc/pam_ldap.conf scp -r <username>@mada1.cse.ucsc.edu:/etc/openldap/cacerts /etc/openldap/. scp <username>@mada1.cse.ucsc.edu:/etc/pam.d/system-auth /etc/pam.d/system-auth scp <username>@mada1.cse.ucsc.edu:/etc/pam.d/su-l /etc/pam.d/su-l scp <username>@mada1.cse.ucsc.edu:/etc/pam.d/sudo /etc/pam.d/sudo
Copy nss switch configuration file.
scp <username>@mada1.cse.ucsc.edu:/etc/nsswitch.conf /etc/.
Now you should be able to execute the following command.
ldapsearch -x LLL
Copy imapd configuration file.
scp <username>@mada1.cse.ucsc.edu:/etc/idmapd.conf /etc/.
make sure to have a newline at the end of /etc/request-key.d/id_resolver.conf
create id_resolver * * /usr/bin/nfsidmap %k %d
Restrict access to your machine by copying and editing /etc/security/access.conf.
scp <username>@mada1.cse.ucsc.edu:/etc/security/access.conf /etc/security/.
You will need to add your local login to the machine, or you will lock yourself out.
vi /etc/security/access.conf
Go to very bottom of file and add your local user account to the list below root. Example of the last lines of my file (Replace "elnaz_local" with your local login).
+ : root : ALL + : elnaz_local : ALL + : nx : ALL + : gitosis : ALL + : (masc) : ALL + : (vlsi) : ALL + : (bridge) : ALL - : ALL : ALL
Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work.
Then edit /etc/conf.d/nfs-common.conf, find NEED_IDMAPD and set it to (if you don't have this file, just create it):
NEED_IDMAPD="yes"
To get other users to have access to their home directories on your machine, you should run the following:
sudo ln -s /mada/users /soe
If are unable to run ls /soe something is wrong and ldap is not properly set up.
You should be able to ssh into your own machine again. Once you have verified that LDAP is working, you may then reboot.
LDAP patch 10/16/14 (if you are doing a new desktop setup, you already have these files) If you are not doing a new desktop setup and your LDAP is broken:
scp <username>@mada1.cse.ucsc.edu:/etc/nss_ldap.conf /etc/nss_ldap.conf scp <username>@mada1.cse.ucsc.edu:/etc/pam_ldap.conf /etc/pam_ldap.conf scp -r <username>@mada1.cse.ucsc.edu:/etc/openldap/cacerts /etc/openldap/.
MDM might give you a hard time. If that is the case, you can install and use lightdm instead. For this porpuse, run the following commands:
pacman -S lightdm pacman -S lightdm-gtk3-greeter systemctl stop mdm.service systemctl disable mdm.service cp /etc/pam.d/mdm /etc/pam.d/lightdm ; you might want to keep a backup systemctl enable lightdm.service systemctl start lightdm.service
Synopsys Tools Required Libraries
Having installed xorg-server xorg-server-common, I still had to install the following.
pacman -S xorg-server-devel
Install more and more fonts. Some of them are required by the Synopsys tools.
pacman -S $(pacman -Ssq font) pacman -S $(pacman -Ssq ttf)
Install libtermcap which needed by Synopsys simulator.
#Download termcap-2.0.8.tar.gz wget masc.soe.ucsc.edu/termcap-2.0.8.tar.gz cd termcap-2.0.8 #remove .depend file and do "make distclean".
# Build and install sudo make install
# set link library paths sudo cp termcap.conf /etc/ld.so.conf.d/ sudo ldconfig
#png library pacman -S libpng12
If the above command doesn't work try:
pikaur -S libpng12
I also had to install a few old libraries from the AUR:
pikaur -S ncurses5-compat-libs libjpeg6-turbo libtiff3 libmng
If you still have an issue with libmng try
sudo ln -s libmng.so.2 /lib/libmng.so.1
Try to run dc_shell, and if it complains about missing libraries, it is most likely because it needs older libs (Arch/Manjaro tend to update libs sooner than most distros).
If that is the case, it is most likely that an older version of the library will be available from the AUR (thus install it with pikaur).
Vivado Required Libraries
pikaur -S libtinfo libtinfo5
If you already have /usr/lib/libncurses.so.5 ignore the next step:
sudo ln -s /usr/lib/libncursesw.so /usr/lib/libncurses.so.5
You may also need to create the following link
sudo ln -s /usr/lib/libncurses.so.5 /usr/lib/libtinfo.so.5
Ruby Related Stuff
The following steps are installing RVM.
- This only needs to be done once per user since user home directories are shared across machines using NFS.
- Do not use root when installing RVM. Avoid multi-user setup. Always prefer individual setup from your account.
- We use RVM to support multiple ruby versions.
pacman -S curl \curl -L https://get.rvm.io | bash -s stable --ruby
On Arch, when installing new rubies, you need to install OpenSSL package and point the ruby installation to it (not sure if this applies to Manjaro as well)
rvm pkg install openssl rvm install 2.1.0 -C --with-openssl-dir=$HOME/.rvm/usr
Set Time/crontab
Install required software
pacman -S ntp
Set timezone and use ntp servers
timedatectl set-timezone America/Los_Angeles timedatectl set-ntp yes
Setup new crontab
systemctl enable cronie systemctl start cronie
Open /etc/ntp.conf file in an editor and add UCSC ntp server and remove default servers. When you are done the only server that should be listed in the file is
server ntp.ucsc.edu
Update All Packages
Frequently update all of your installed packages.
pacman -Syu
Search for an installed package x.
pacman -Qs | grep x
Adobe Reader
For pdf reading, try to stick with your preferred opensource viewer (evince, zathura, okular, ...), but if you do need acroread (for instance to fill a XPA pdf form), you will need the 32bit version of nss_ldap. But first, install acroread from the AUR:
pikaur -S acroread
The best way I found to install it was, download the tar from https://www.archlinux.org/packages/extra/i686/nss_ldap/download/, extract with:
tar xf nss_ldap-265-6-i686.pkg.tar.xz
And copy the library into the acroread folder (most likely you don't want it in your regular include path):
sudo cp usr/lib/* /opt/Adobe/Reader9/Reader/intellinux/lib/