Difference between revisions of "Desktop Setup - Manjaro XFCE 8.7.1"
(→LDAP) |
(→LDAP) |
||
Line 155: | Line 155: | ||
scp <username>@mascd5.cse.ucsc.edu:/etc/ssl/certs/* /etc/ssl/certs/ | scp <username>@mascd5.cse.ucsc.edu:/etc/ssl/certs/* /etc/ssl/certs/ | ||
--> | --> | ||
− | Copy LDAP configuration | + | Copy LDAP configuration files: |
scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/ldap.conf /etc/openldap/ldap.conf | scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/ldap.conf /etc/openldap/ldap.conf | ||
scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/nss_ldap.conf /etc/openldap/nss_ldap.conf | scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/nss_ldap.conf /etc/openldap/nss_ldap.conf | ||
scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/pam_ldap.conf /etc/openldap/pam_ldap.conf | scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/pam_ldap.conf /etc/openldap/pam_ldap.conf | ||
+ | scp <username>@mascd10.cse.ucsc.edu:/etc/pam.d/system-auth /etc/pam.d/system-auth | ||
+ | scp <username>@mascd10.cse.ucsc.edu:/etc/pam.d/su-l /etc/pam.d/ssu-l | ||
+ | scp <username>@mascd10.cse.ucsc.edu:/etc/pam.d/mdm /etc/pam.d/mdm | ||
Copy nss switch configuration file. | Copy nss switch configuration file. | ||
Line 190: | Line 193: | ||
Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work. | Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work. | ||
+ | |||
+ | Then edit /etc/conf.d/nss-common.conf, find NEED_IDMAPD and set it to: | ||
+ | NEED_ADMAPD="yes" | ||
== Synopsys Tools Required Libraries == | == Synopsys Tools Required Libraries == |
Revision as of 18:10, 6 November 2013
Testing the installation of Archlinux: Manjaro XFCE 8.7.1
Contents
Creating Manjaro Live Installation Media
- Download Manjaro XFCE 8.7.1 (1.32 GB)
- Use instructions below on Mac OS X which uses the diskdump "dd" command to dump the iso to the flash drive. --More information: archlinux-USB-flash-installation
diskutil list diskutil unmountDisk /dev/disk2 //flash is connected to disk2 dd of=/dev/disk2 if=/path/to/manjaro-xfce-0.8.7.1-x86_64.iso diskutil eject /dev/disk2
Installing Manjaro XFCE 8.7.1 via Installation Wizard
- Boot from the USB Drive.
- When prompted type in ‘stat’ press enter to select Manjaro Live.
- Click on the Manjaro installation manager icon on the Desktop and walk through the installation process.
- When prompted for a username, choose one that is NOT your SOE login! For example "elnaz_local" rather than my SOE login of "elnaz". Otherwise you will not be able to login to your computer after you setup LDAP.
- When prompted for a machine name, enter the name that machine is supposed to be (mascd11, omelette, quiche, etc)
- Selecting 'Edit Partitioning' will launch gparted which will allow you to delete current partitions and/or add new partitions.
- At least 3 partitions are needed.
- ~2G storage for /boot and select ‘ext2’ as the format.
- At least 8-10G for swap and select ‘linux-swap’ as the format.
- The rest of the storage space can be partitioned as root ‘/‘ with the ‘ext4’ format.
- You can add other partition such as home directory.
- Click on 'Edit' and select 'Apply All Partitions' to save the changes. And quit the program.
- At least 3 partitions are needed.
- Right click on ~2G partition and mount it as /boot. The format should be 'ext2'.
- Right click on the largest partition (i.e. root) and mount is as '/'. Click Forward.
- Leave grub to be installed in the default partition.
- Deselect Plymouth login manager. You should install a different login manager later, for instance SLiM.
- Review the summary of the changes you have made. And click on 'install'.
- Installation wizard should complete as normal.
NOTE: when partitioning the disk, make sure root and boot partitions are on one disk. Otherwise, you will not be able to boot from hard drive.
Account Setup
Enable root account. Open a terminal window. And enter your new root password for the machine
sudo su - passwd
Add your local and SOE logins to the list of sudoers:
vi /etc/sudoers
Package Installation
Update all the installed packages on your system.
pacman -Syu
Expand this section to view the list of packages that need to be installed.
List of Packages
accountsservice ack acl alsa-lib alsa-plugins apr apr-util apvlv archlinux-keyring ascii aspell aspell-en at-spi2-atk at-spi2-core atk atkmm attr audit autoconf automake avahi awesome babl bash binutils-multilib bison blas boost boost-libs bzip2 ca-certificates ca-certificates-java cairo cairomm cantarell-fonts cdparanoia chromium cifs-utils cloog clucene clusterssh clutter cmake cogl colord compositeproto coreutils cppcheck cpupower cracklib cronie cryptsetup cups-pk-helper curl damageproto db dbus dbus-glib dconf desktop-file-utils device-mapper dhclient dhcpcd diffutils dirmngr djvulibre dnssec-anchors dnsutils docbook-xml docbook-xsl dosfstools dotconf e2fsprogs e_dbus ecore edje eet eeze efreet eina eio elementary elfutils embryo emotion enca enchant eog epdfview ethumb evas evas_generic_loaders exempi exiv2 exo expat fakeroot feh ffmpeg fftw file filesystem findutils fixesproto flac flex font-bh-ttf fontconfig fontsproto fpc freeglut freeimage freetype2 fribidi ftgl fuse garcon gawk gc gcc gcc-libs gd gdb gdbm gdk-pixbuf gdk-pixbuf2 gegl geoclue gettext ghostscript giblib giflib gimp girara-common girara-gtk2 git gjs glew glib glib-networking glib2 glibc glibmm glu gmp gnome-desktop gnome-icon-theme gnome-icon-theme-symbolic gnome-menus gnome-themes-standard gnupg gnuplot gnutls gobject-introspection gource gpart gparted gpgme gpm graphite graphviz grep groff grub gsettings-desktop-schemas gsfonts gsl gsm gstreamer0.10 gstreamer0.10-base gstreamer0.10-base-plugins gtk gtk-chtheme gtk-engines gtk-update-icon-cache gtk2 gtk2-xfce-engine gtk2_prefs gtk3 gtkmm gtksourceview2 gtkspell gts gvfs gvim gzip harfbuzz harfbuzz-icu hdparm heirloom-mailx hicolor-icon-theme hspell htop hunspell hwids hyphen iana-etc icon-naming-utils icu idnkit ilmbase imagemagick imlib2 inetutils inkscape inputproto intltool iotop iperf iproute2 iptables iputils isl iso-codes jack jasper jbig2dec jdk7-openjdk jfsutils jre7-openjdk jre7-openjdk-headless js js185 json-c json-glib kbd kbproto keyutils kmod krb5 lame lapack lcms lcms2 ldb ldns less lib32-gcc-libs lib32-glibc lib32-zlib libarchive libart-lgpl libass libassuan libasyncns libatasmart libbluray libbsd libburn libcanberra libcanberra-pulse libcap libcap-ng libcddb libcdio libcdio-paranoia libcl libcroco libcups libdaemon libdatrie libdmtx libdrm libedit libev libevent libexif libffi libfontenc libgcrypt libgdm libgee libglade libgnome-keyring libgpg-error libgssglue libgtop libgusb libgxps libical libice libid3tag libidn libimobiledevice libiodbc libisofs libjpeg-turbo libkeybinder2 libksba libldap liblqr libltdl libmbim libmikmod libmng libmodplug libmpc libmpd libmysqlclient libnewt libnl libnotify liboauth libogg libotf libpcap libpciaccess libpeas libpipeline libplist libpng libproxy libpulse libpwquality libqmi libraw libreoffice-base libreoffice-calc libreoffice-common libreoffice-draw libreoffice-en-US libreoffice-impress libreoffice-math libreoffice-postgresql-connector libreoffice-writer librpcsecgss librsvg librsync libsamplerate libsasl libsecret libsigc++ libsigsegv libsm libsndfile libsoup libspectre libssh libssh2 libtasn1 libthai libtheora libtiff libtirpc libtraceevent libunique libunwind libusb-compat libusbx libutempter libva libvdpau libvisual libvorbis libvpx libwacom libwbclient libwebp libwmf libwnck libwpd libwps libx11 libxau libxaw libxcb libxcomp libxcomposite libxcursor libxdamage libxdg-basedir libxdmcp libxext libxfce4ui libxfce4util libxfcegui4 libxfixes libxfont libxft libxi libxinerama libxkbcommon libxkbfile libxklavier libxml2 libxmu libxp libxpm libxrandr libxrender libxres libxslt libxss libxt libxtst libxv libxxf86vm libyaml licenses linux linux-api-headers linux-firmware llvm llvm-libs lm_sensors logrotate lpsolve lsof lua lua-lgi lua51 lvm2 lxappearance lxrandr lzo lzo2 m4 make man-db man-pages mash mcpp mdadm media-player-info mesa mesa-libgl miniupnpc mkinitcpio mkinitcpio-busybox mobile-broadband-provider-info modemmanager mousepad mpfr mtools muparser mupdf nano ncftp ncurses neon net-tools netctl nettle nfs-utils nfsidmap ngspice nspr nss openal opencore-amr openexr openjpeg openresolv openssh openssl opus orage orc oxygen-icons p11-kit pacgraph package-query pacman pacman-mirrorlist pam pambase pango pangomm parted patch pciutils pcmciautils pcre perf perl perl-class-data-inheritable perl-convert-asn1 perl-crypt-blowfish perl-crypt-des perl-data-dump perl-dbi-shell perl-devel-symdump perl-digest-hmac perl-digest-sha1 perl-error perl-file-next perl-file-which perl-io-tee perl-params-util perl-pod-coverage perl-sub-uplevel perl-test-exception perl-test-nowarnings perl-test-pod perl-test-pod-coverage perl-test-tester perl-test-trap perl-test-warn perl-text-reform perl-tk perl-tree-dag-node perl-try-tiny perl-x11-protocol perl-xml-parser perl-xml-simple phonon-gstreamer pinentry pixman pkg-config pm-quirks pm-utils polkit poppler poppler-data poppler-glib popt postgresql-libs powertop ppp printproto procps-ng psmisc psutils pth pulseaudio pulseaudio-alsa pygobject-devel pygobject2-devel pygtk python python-lxml python-pip python-psutil python-pyudev python-setuptools python-xdg python2 python2-atspi python2-beaker python2-boto python2-cairo python2-crypto python2-gnupginterface python2-gobject python2-gobject2 python2-keybinder2 python2-lxml python2-mako python2-markupsafe python2-notify python2-paramiko python2-pyudev python2-setuptools python2-xdg qiv qrencode qt4 r randrproto raptor rasqal readline recode recordproto redland redland-storage-virtuoso reiserfsprogs renderproto rest ristretto rpcbind rsync rtkit rtmpdump rubber ruby run-parts sbc scala schroedinger scrnsaverproto sdl sdl_image sdl_mixer sdl_net sdl_ttf sed serf sg3_utils shadow shared-color-profiles shared-color-targets shared-desktop-ontologies shared-mime-info slang slim smpeg snappy sound-theme-freedesktop speech-dispatcher speex sqlite sshfs startup-notification strace strigi subversion sudo swig sysfsutils syslinux systemd systemd-sysvcompat sysvinit-tools t1lib taglib talloc tar tcl tcsh tdb terminator tevent texinfo texlive-bibtexextra texlive-bin texlive-core texlive-fontsextra texlive-formatsextra texlive-games texlive-genericextra texlive-htmlxml texlive-humanities texlive-latexextra texlive-music texlive-pictures texlive-plainextra texlive-pstricks texlive-publishers texlive-science thunar thunar-archive-plugin thunar-media-tags-plugin thunar-volman time tk tmux tre ttf-dejavu ttf-droid ttf-freefont ttf-inconsolata ttf-liberation ttf-linux-libertine tumbler tzdata udisks udisks2 unixodbc unrar unzip upower usbip usbmuxd usbutils util-linux v4l-utils vi videoproto vim-a vim-bufexplorer vim-colorsamplerpack vim-doxygentoolkit vim-guicolorscheme vim-nerdtree vim-netrw vim-omnicppcomplete vim-project vim-runtime vim-taglist vim-vcscommand vim-workspace virtuoso-base vpnc vte vte-common wayland webrtc-audio-processing wget which wpa_supplicant wxgtk x264 x86_energy_perf_policy xbitmaps xcb-proto xcb-util xcb-util-image xcb-util-keysyms xcb-util-wm xdg-utils xextproto xf86-input-evdev xf86vidmodeproto xfburn xfce4-appfinder xfce4-artwork xfce4-battery-plugin xfce4-clipman-plugin xfce4-cpufreq-plugin xfce4-cpugraph-plugin xfce4-datetime-plugin xfce4-dict xfce4-diskperf-plugin xfce4-eyes-plugin xfce4-fsguard-plugin xfce4-genmon-plugin xfce4-mailwatch-plugin xfce4-mixer xfce4-mount-plugin xfce4-mpc-plugin xfce4-netload-plugin xfce4-notes-plugin xfce4-notifyd xfce4-panel xfce4-power-manager xfce4-quicklauncher-plugin xfce4-screenshooter xfce4-sensors-plugin xfce4-session xfce4-settings xfce4-smartbookmark-plugin xfce4-systemload-plugin xfce4-taskmanager xfce4-terminal xfce4-time-out-plugin xfce4-timer-plugin xfce4-verve-plugin xfce4-wavelan-plugin xfce4-weather-plugin xfce4-xkb-plugin xfconf xfdesktop xfsprogs xfwm4 xfwm4-themes xineramaproto xkeyboard-config xorg-bdftopcf xorg-font-util xorg-font-utils xorg-fonts-alias xorg-fonts-encodings xorg-fonts-misc xorg-iceauth xorg-luit xorg-mkfontdir xorg-mkfontscale xorg-server xorg-server-common xorg-server-utils xorg-sessreg xorg-setxkbmap xorg-xauth xorg-xbacklight xorg-xcmsdb xorg-xev xorg-xgamma xorg-xhost xorg-xinit xorg-xinput xorg-xkbcomp xorg-xlsfonts xorg-xmessage xorg-xmodmap xorg-xrandr xorg-xrdb xorg-xrefresh xorg-xset xorg-xsetroot xproto xterm xvidcore xz yajl yaourt zathura zathura-djvu zathura-pdf-poppler zathura-ps zip zlib zziplib
pacman -S mysql
pacman -S mysql-clients
pacman -S mtdev
pacman -S virtualbox-guest-modules
pacman -S virtualbox-guest-utils
You might need to reboot your system afterwards.
Firewall Setup
Setup the firewall:
ufw default deny ufw reject auth ufw limit ssh/tcp ufw logging off
The next line is only needed the first time you install the package.
ufw enable
Follow it by enabling ufw with systemctl.
systemctl enable ufw.service
Finally, query the rules being applied via the status command.
ufw status
NVIDIA Driver Installation
By default, video-nvidia-nouveau is installed. Remove it and install video-nvidia instead.
The following command will list the basic information of all the drivers currently installed on your system.
mhwd -li -d
Filter the drivers used on a hardware with a PCI connection:
mhwd -li -d --pci
To remove the installed driver for nvidia graphics card use the following command.
mhwd -r pci video-nvidia-nouveau
You will also need to manually remove nouveau from the conf file. Edit /etc/mkinitcpio.conf by commenting out the following line.
MODULES=" nouveau"
And install video-nvidia driver
mhwd -i pci video-nvidia
MADA Related Installations
autofs
Install autofs.
pacman -S autofsCreate a mada directory.
mkdir /mada
Configure.
scp <username>@mascd5.cse.ucsc.edu:/etc/autofs/auto.mada /etc/autofs/ scp <username>@mascd5.cse.ucsc.edu:/etc/autofs/auto.master /etc/autofs/
When you are done configuring, launch the AutoFS daemon as root:
systemctl start autofs
To start the daemon on boot:
systemctl enable autofs
Edit /etc/autofs/auto.mada
users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software
Reload autofs
systemctl reload autofs
Now you should be able to see both /mada/users and /mada/software in your /mada directory. If you do not see those folders mounted. autofs was not setup properly. Reconfigure.
SSH
Enable ssh service
systemctl restart sshd.service
To enable X forwarding.
vi /etc/ssh/sshd_config
Make sure X11 forwarding option is set to yes
X11Forwarding yes
Now you should be able to ssh to your machine using the local username you have created.
ssh x_local@masdx.cse.ucsc.edu
LDAP
Please do not reboot while setting up LDAP until you make sure it works! Otherwise you might end up locking yourself out and having to re-install!
Install the following packages.
pacman -S openldap nss nss_ldap pam_ldap cyrus-sasl-ldap lib32-libldap yaourt -A nss_updatedb //Type N to edit build package and Y for installation
You have already set your host name as mascdx. Check:
vi /etc/hostname
If it is not set, set it using the following command.
hostnamectl set-hostname mascdx
Now mascdx is in /etc/hostname
Disable Modem Manager.
systemctl disable ModemManager
To get a list of current NIC names use:
ls /sys/class/net
Output example:
eno1 lo
You can use either dhcpcd or NetworkManager to configure the network. Do not leave both 'active'.
systemctl enable dhcpcd.service
Copy LDAP configuration files:
scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/ldap.conf /etc/openldap/ldap.conf scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/nss_ldap.conf /etc/openldap/nss_ldap.conf scp <username>@mascd10.cse.ucsc.edu:/etc/openldap/pam_ldap.conf /etc/openldap/pam_ldap.conf scp <username>@mascd10.cse.ucsc.edu:/etc/pam.d/system-auth /etc/pam.d/system-auth scp <username>@mascd10.cse.ucsc.edu:/etc/pam.d/su-l /etc/pam.d/ssu-l scp <username>@mascd10.cse.ucsc.edu:/etc/pam.d/mdm /etc/pam.d/mdm
Copy nss switch configuration file.
scp <username>@mascd10.cse.ucsc.edu:/etc/nsswitch.conf /etc/.
Now you should be able to execute the following command.
ldapsearch -x LLL
Copy imapd configuration file.
scp <username>@mascd5.cse.ucsc.edu:/etc/idmapd.conf /etc/.
Restrict access to your machine by copying and editing /etc/security/access.conf.
scp <username>@mascd5.cse.ucsc.edu:/etc/security/access.conf /etc/security/.
You will need to add your local login to the machine, or you will lock yourself out.
vi /etc/security/access.conf
Go to very bottom of file and add your local user account to the list below root. Example of the last lines of my file (Replace "elnaz_local" with your local login).
+ : root : ALL + : elnaz_local : ALL + : nx : ALL + : gitosis : ALL + : (masc) : ALL + : (vlsi) : ALL + : (mada0) : ALL - : ALL : ALL
Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work.
Then edit /etc/conf.d/nss-common.conf, find NEED_IDMAPD and set it to:
NEED_ADMAPD="yes"
Synopsys Tools Required Libraries
Having installed xorg-server xorg-server-common, I still had to install the following.
pacman -S xorg-server-devel
Install more and more fonts. Some of them are required by the Synopsys tools.
pacman -S $(pacman -Ssq font) pacman -S $(pacman -Ssq ttf)
Install libtermcap which needed by Synopsys simulator.
#Download termcap-2.0.8.tar.gz wget masc.soe.ucsc.edu/termap-2.0.8.tar.gz cd termcap-2.0.8
# Build and install sudo make install
# set link library paths sudo cp termcap.conf /etc/ld.so.conf.d/ sudo ldconfig
Update All Packages
Frequently update all of your installed packages.
pacman -Syu