Earthdevruis » History » Revision 4
Revision 3 (Joseph Foley, 2013-03-15 14:32) → Revision 4/20 (Joseph Foley, 2013-03-15 16:15)
h1. Earthdevruis
@earth.dev.ru.is@ is a high-performance linux server owned by the RU Speech Research group under Jón Gúðnason <jg@ru.is>. The machine lives in DevNet (the development network in the RU basement).
The main DevNet contact is Joe Foley <foley@ru.is>. He also installed th machine machine.
h2. Status
* Earth has been reinstalled with 12.04.2 64-bit [foley]
* Kerberos/AFS has been configured [foley]
* /home is being restored from the backup disk (mounted on /mnt/backup) [foley]
h2. Installation
h3. Turn on PXE for network boot/install
# Reboot
# While the machine is rebooting, hit F2 (or F1) so that it goes to BIOS setup
## Click on system options, then networking
## Set the network adapter to have PXE enabled
## Save options
# Make sure that the machine is connected to the DevNet switches
# Reboot
h3. Netboot and pick installer
# After PXE initializes, you should get an installer menu
# Choose Ubuntu 12.04.2 64-bit (Alternate)
# You'll have to pick region and keyboard. You want to pick the Icelandic keyboard
h3. Partitioning the hard drive
It's a good idea to separate the operating system, home directory, and data storage. In addition, you will need a swap file and an AFS cache partition.
The AFS cache partition should be ext2 or ext3. To make this easier to manage, you should have all except for a boot partition in LVM (logical volume manager)
# Choose manual partitioning of hard drive
# Create a /boot primary paritition of around 300MB. Make sure it is "bootable"
# Go into the LVM manager
## Create a new physical volume with the remaining space on the drive
## Create these logical volumes with these names and sizes. You'll need to remember where they should be mounted also.
*** afscache 2GB (for @/var/cache/openafs@)
*** swap 8GB
*** slash 60GB (for @/@)
*** home 50GB (for @/home@)
*** export [Remaining space] (for @/export@)
## Save changes and exit the manager
# In the partition manager, set these options for the partitions
** boot: labeled boot, format as ext2, mounted at /boot, set "bootable" flag
** afscache: 0% reserved, labeled afscache, format as ext2 or ext3, mounted at @/var/cache/openafs@
** swap: swapspace
** slash: labeled slash, format as ext4, mounted at @/@
** home: 0% reserved, labeled home, format as ext4, mounted at @/home@
** export: 0% reserved, labeled export, format as ext4, mounted at @/export@
# Save changes
# The installation should continue for a while
h3. Picking server options
You'll have to pick a user. This is the default devnet user:
* user: devnet
* password: hakkavelin
Once everything is setup, you should delete the user (or change the password). _Avoid logging in as root unless absolutely necessary!_
This may vary, but these are probably the settings you want:
* Basic Ubuntu Server
* SSH server
* Ubuntu Desktop
h3. Kerberos (single sign on) and AFS
Follow the directions at https://samvinna.ru.is/projects/projects/devnet-documentation/wiki/AFS_Client_Installation
Very brief synopsis without some details:
# Install the packages. Remember that the Kerberos realm is DEV.RU.IS and theAFS cell is dev.ru.is. Case matters!
<pre>
sudo apt-get install krb5-auth-dialog krb5-user krb5-clients libpam-ccreds libpam-krb5 build-essential dkms linux-headers-`uname -r` openafs-modules-dkms openafs-{client,krb5}
</pre>
# Get a kerberos administrator (currently foley) to generate a keytab for @/etc/krb5.keytab@
# Add the principals for administrators into @/root/.k5login@
<pre>
foley@DEV.RU.IS
jg@DEV.RU.IS
simonhk@DEV.RU.IS
</pre>
# Reboot
# Adjust the @/etc/ssh/sshd_config@ settings to allow GSSAPI options (set them all to yes)
# see if you can ssh in using your DevNet @DEV.RU.IS principal to the root account
To add users, you need to find out the user's AFS ID.
# My AFS id is 7812 as below:
<pre> pts examine foley
libprot: unable to build security class (getting token)
libprot: Could not get afs tokens, running unauthenticated
Name: foley, id: 7812, owner: system:administrators, creator: foley.afsadm,
membership: 25, flags: S----, group quota: 20.</pre>
# sudo adduser --uid 7812 foley
## Hit return when it asks for your password and do not retry
## Fill out the user's information