Difference between revisions of "Desktop Setup - Manjaro XFCE 8.7.1"

From Vlsiwiki
Jump to: navigation, search
(LDAP)
(SSH)
Line 86: Line 86:
  
 
=== SSH ===
 
=== SSH ===
 +
To enable X forwarding.
 +
vi /etc/ssh/sshd_config
 +
Make sure X11 forwarding option is set to '''yes'''
 +
X11Forwarding yes
 +
 
=== LDAP ===
 
=== LDAP ===
  

Revision as of 23:03, 7 October 2013

Testing the installation of Archlinux: Manjaro XFCE 8.7.1

Creating Manjaro Live Installation Media

    diskutil list
    diskutil unmountDisk /dev/disk2 //flash is connected to disk2
    dd of=/dev/disk2 if=/path/to/manjaro-xfce-0.8.7.1-x86_64.iso
    diskutil eject /dev/disk2

Installing Manjaro XFCE 8.7.1 via Installation Wizard

  • Boot from the USB Drive.
  • When prompted type in ‘stat’ press enter to select Manjaro Live.
  • Click on the Manjaro installation manager icon on the Desktop and walk through the installation process.
  • When prompted for a username, choose one that is NOT your SOE login! For example "elnaz_local" rather than my SOE login of "elnaz". Otherwise you will not be able to login to your computer after you setup LDAP.
  • When prompted for a machine name, enter the name that machine is supposed to be (mascd11, omelette, quiche, etc)
  • Selecting 'Edit Partitioning' will launch gparted which will allow you to delete current partitions and/or add new partitions.
    • At least 3 partitions are needed.
      • ~2G storage for /boot and select ‘ext2’ as the format.
      • At least 8-10G for swap and select ‘linux-swap’ as the format.
      • The rest of the storage space can be partitioned as root ‘/‘ with the ‘ext4’ format.
      • You can add other partition such as home directory.
      • Click on 'Edit' and select 'Apply All Partitions' to save the changes. And quit the program.
  • Right click on ~2G partition and mount it as /boot. The format should be 'ext2'.
  • Right click on the largest partition (i.e. root) and mount is as '/'. Click Forward.
  • Note to install 'grub' in the /boot partition.
  • Deselect Plymouth login manager. You should install a different login manager later, for instance SLiM.
  • Review the summary of the changes you have made. And click on 'install'.
  • Installation wizard should complete as normal.

NOTE: when partitioning the disk, make sure root and boot partitions are on one disk. Otherwise, you will not be able to boot from hard drive.



Account Setup

  1. Enable root account. Open a terminal window. And enter your new root password for the machine.
    sudo su - 
  2. Add your local and SOE logins to the list of sudoers:
    vi /etc/sudoers 

NVIDIA Driver Installation

By default, video-nvidia-nouveau is installed. Remove it and install video-nvidia instead.

The following command will list the basic information of all the drivers currently installed on your system.

mhwd -li -d

Filter the drivers used on a hardware with a PCI connection:

mhwd -li -d --pci

To remove the installed driver for nvidia graphics card use the following command.

mhwd -r pci video-nvidia-nouveau

You will also need to manually remove nouveau from the conf file. Edit /etc/mkinitcpio.conf by commenting out the following line.

MODULES=" nouveau"

And install video-nvidia driver

mhwd -i pci video-nvidia

MADA Related Installations

autofs

Create a mada directory.
 mkdir /mada 

Install autofs.

pacman -S autofs 

Configure.

scp <username>@mada0:/etc/auto.mada   /etc/autofs/.
scp <username>@mada0:/etc/auto.master /etc/autofs/.

When you are done configuring, launch the AutoFS daemon as root:

systemctl start autofs 

To start the daemon on boot:

systemctl enable autofs

Edit /etc/autofs/auto.mada

users               -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users 
software            -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software 

firewall

Setup the firewall:

ufw default deny
ufw reject auth
ufw limit ssh/tcp
ufw logging off

The next line is only needed the first time you install the package.

ufw enable

Follow it by enabling ufw with systemctl.

systemctl enable ufw.service

Finally, query the rules being applied via the status command.

ufw status

SSH

To enable X forwarding.

vi /etc/ssh/sshd_config

Make sure X11 forwarding option is set to yes

X11Forwarding yes

LDAP

Install the following packages.

pacman -S openldap
pacman -S nss
pacman -S nss_ldap 
pacman -S pam_ldap
pacman -S cyrus-sasl-ldap
pacman -S lib32-libldap
yourt  -A nss_updatedb

You have already set your host name as mascdx. Check:

vi /etc/hostname

If it is not set, set it using the following command.

hostnamectl set-hostname mascdx

Now mascdx is in /etc/hostname

Disable Modem Manager.

systemctl disable ModemManager

To get a list of current NIC names use:

ls /sys/class/net 

Output example:

enp16s3 ens5f0  ens5f1  lo

You can use either dhcpcd or NetworkManager to configure the network, but make sure you use either a generic or the other type of ethernet device. Do not leave both 'active'.

Copy LDAP certificates.

scp <username>@mascd11:/etc/ssl/certs/* /etc/ssl/certs/

Copy LDAP configuration file.

scp <username>@mascd11:/etc/openldap/ldap.conf /etc/openldap/ldap.conf

Copy kerberos config file.

scp <username>@mascd11:/etc/krb5.conf /etc/.

Now you should be able to execute the following command.

ldapsearch -x LLL

Copy imapd configuration file.

scp <username>@mascd11:/etc/idmapd.conf  /etc/.

Restrict access to your machine by copying and editing /etc/security/access.conf.

scp <username>@mascd11:/etc/security/access.conf  /etc/security/.

You will need to add your local login to the machine, or you will lock yourself out.

vi /etc/security/access.conf

Go to very bottom of file and add your local user account to the list below root. Example of the last lines of my file (Replace "elnaz_local" with your local login).

+ : root : ALL 
+ : elnaz_local : ALL 
+ : nx : ALL 
+ : gitosis : ALL 
+ : (masc) : ALL 
+ : (vlsi) : ALL 
+ : (mada0) : ALL 
- : ALL : ALL 

Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work.

Copy nss switch configuration file.

scp <username>@mascd11:/etc/nsswitch.conf  /etc/.

Copy pam LDAP configuration file.

scp <username>@mascd11:/etc/pam_ldap.conf /etc/.

Synopsys Tools Required Libraries

Having installed xorg-server xorg-server-common, I still had to install the following.

pacman -S xorg-server-devel

Install more and more fonts. Some of them are required by the Synopsys tools.

pacman -S $(pacman -Ssq font)
pacman -S $(pacman -Ssq ttf)

Copy libtermcap which needed by Synopsys simulator.

scp username@mada1:/usr/lib/libtermcap.so.2.0.8 /lib/. /lib/.
ln -s /usr/lib/libtermcap.so.2.0.8 /lib/libtermcap.so.2