Server
apt-get -y install ssh
apt-get -y install apt-cacher #[ng]
echo "Acquire::http::Proxy \"http://192.168.1.8:3142\";" | sudo tee /etc/apt/apt.conf
nano /etc/apt/sources.list
#sort out /etc/apt/sources.list
sudo apt-get update
sudo apt-get upgrade
ldap server
sudo apt-get install slapd ldap-utils migrationtools
sudo dpkg-reconfigure slapd
Omit OpenLDAP server configuration? ... No
DNS domain name: ... XXXXX.XXXXX.homeip.net
Name of your organization: ... Whatever & Co
Admin Password: XXXXX
Confirm Password: XXXXX
OK
BDB
Do you want your database to be removed when slapd is purged? ... No
Move old database? ... Yes
Allow LDAPv2 Protocol? ... No
Test
ldapsearch -x -b dc=XXXXXX,dc=XXXX,dc=homeip,dc=net
echo "dn: ou=People,dc=XXXXX,dc=XXXXXX,dc=homeip,dc=net
ou: People
objectclass: organizationalUnit
dn: ou=Group,dc=XXXXXX,dc=XXXXXXX,dc=homeip,dc=net
ou: Group
objectclass: organizationalUnit" | tee ~/people_group.ldif
cd /usr/share/migrationtools/
sudo sed -i -e 's/$DEFAULT_MAIL_DOMAIN = "padl.com";/$DEFAULT_MAIL_DOMAIN = "harrow.redballoon.homeip.net";/' /usr/share/perl5/migrate_common.ph
sudo sed -i -e 's/$DEFAULT_BASE = "dc=padl,dc=com";/$DEFAULT_BASE = "dc=XXXXX,dc=XXXXXXX,dc=homeip,dc=net";/' /usr/share/perl5/migrate_common.ph
sudo sed -i -e 's/#$IGNORE_UID_BELOW = 1000;/$IGNORE_UID_BELOW = 1002;/' /usr/share/perl5/migrate_common.ph
sudo sed -i -e 's/#$IGNORE_GID_BELOW = 100;/$IGNORE_GID_BELOW = 20;/' /usr/share/perl5/migrate_common.ph
sudo sed -i -e 's/#$IGNORE_UID_ABOVE = 9999;/$IGNORE_UID_ABOVE = 9999;/' /usr/share/perl5/migrate_common.ph
sudo sed -i -e 's/#$IGNORE_GID_ABOVE = 9999;/$IGNORE_GID_ABOVE = 9999;/' /usr/share/perl5/migrate_common.ph
./migrate_group.pl /etc/group ~/group.ldif
./migrate_passwd.pl /etc/passwd ~/passwd.ldif
echo -n "XXXXXX" | sudo tee /etc/ldap.secret
sudo chmod 600 /etc/ldap.secret
sudo ldapadd -x -W -D "cn=admin,dc=XXXX,dc=XXXX,dc=homeip,dc=net" -y /etc/ldap.secret -f ~/people_group.ldif
sudo ldapadd -x -W -D "cn=admin,dc=XXXX,dc=XXXX,dc=homeip,dc=net" -y /etc/ldap.secret -f ~/group.ldif
sudo ldapadd -x -W -D "cn=admin,dc=XXXX,dc=XXXX,dc=homeip,dc=net" -y /etc/ldap.secret -f ~/passwd.ldif
File Server
NFS server
sudo apt-get -y install nfs-server
sudo mkdir /home/staff
sudo mkdir /home/students
echo "/home/staff 192.168.1.0/255.255.255.0(rw,sync)
/home/students 192.168.1.0/255.255.255.0(rw,sync)" | sudo tee -a /etc/exports
sudo exportfs -av
install apache + php + mysql
(investigate chroot)
proxy + dansguardian
Server
Proxy setup
http://www.branchdistrictlibrary.org/professional/ubuntu_and_dansguardian_page_5.php&ei=lOMeSMveAafa0ASKtoDlBQ&sig2=GOJ6h4ZS8l6R3NRT2hK0Dw&ct=b7
http://www.google.co.uk/bookmarks/url?url=http://ubuntuforums.org/showthread.php%3Fp%3D2213171%23post2213171&ei=lOMeSMveAafa0ASKtoDlBQ&sig2=IsqEEypLsJrXozgzf2b_YA&ct=b
Firefox autoadmin.js
echo '//
lockPref("network.cookie.prefsMigrated", true);
lockPref("network.proxy.backup.ftp", "");
lockPref("network.proxy.backup.ftp_port", 0);
lockPref("network.proxy.backup.gopher", "");
lockPref("network.proxy.backup.gopher_port", 0);
lockPref("network.proxy.backup.socks", "");
lockPref("network.proxy.backup.socks_port", 0);
lockPref("network.proxy.backup.ssl", "");
lockPref("network.proxy.backup.ssl_port", 0);
lockPref("network.proxy.ftp", "192.168.1.8");
lockPref("network.proxy.ftp_port", 8080);
lockPref("network.proxy.gopher", "192.168.1.8");
lockPref("network.proxy.gopher_port", 8080);
lockPref("network.proxy.http", "192.168.1.8");
lockPref("network.proxy.http_port", 8080);
lockPref("network.proxy.no_proxies_on", "localhost, 127.0.0.1, 192.168.1.8");
lockPref("network.proxy.share_proxy_settings", true);
lockPref("network.proxy.socks", "192.168.1.8");
lockPref("network.proxy.socks_port", 8080);
lockPref("network.proxy.ssl", "192.168.1.8");
lockPref("network.proxy.ssl_port", 8080);
lockPref("network.proxy.type", 1);' | sudo tee /var/www/autoadmin.js
Thursday, May 1, 2008
ClientUbuntuHardy
Clients
ssh
sudo apt-get install openssh-server
ldap clients
sudo apt-get install libnss-ldap libpam-ldap nscd
LDAP server Uniform Resource Identifier: ldap://192.168.1.8/
Distinguished name of the search base: dc=XXXXXX,dc=XXXXXX,dc=homeip,dc=net
LDAP version to use: 3
Make local root Database admin: yes
Does the LDAP database require login? no
LDAP account for root: cn=admin,dc=XXXXXXX,dc=XXXXXXX,dc=homeip,dc=net
LDAP root account password: XXXXXXXX
sudo cp /etc/nsswitch.conf /etc/nsswitch.conf.backup
sudo apt-get install auth-client-config
sudo auth-client-config -a -p lac_ldap
Test
sudo /etc/init.d/nscd restart
getent passwd
#### If test fails you must restore the /etc/nsswitch.conf
### sudo cp /etc/nsswitch.conf.backup /etc/nsswitch.conf
## or you you could end up with an unloginable machine.
File Server
NFS client
sudo mkdir /home/staff
sudo mkdir /home/students
sudo mkdir /home/films
MYSERVER="zeus"; echo "$MYSERVER:/home/staff /home/staff nfs udp,defaults 0 0
$MYSERVER:/home/students /home/students nfs udp,defaults 0 0
$MYSERVER:/mnt/hda1/films /home/films nfs udp,defaults 0 0" | sudo tee -a /etc/fstab
sudo apt-get -y install nfs-common
sudo mount -a
Vnc Server
Package management
#medibuntu
sudo wget http://www.medibuntu.org/sources.list.d/hardy.list -O /etc/apt/sources.list.d/medibuntu.list
#cinelerra
sudo wget http://repository.akirad.net/dists/hardy.list -O /etc/apt/sources.list.d/akirad.list
wget -q http://repository.akirad.net/dists/akirad.key -O- | sudo apt-key add -
sudo echo "start"
echo "
sudo apt-get update && sudo apt-get install medibuntu-keyring
sudo apt-get update
sudo aptitude -y install msttcorefonts googleearth-4.3 googleearth-4.3-data
sudo aptitude -y install flashplugin-nonfree vlc ffmpeg mplayer mencoder gstreamer0.10-ffmpeg gstreamer0.10-pitfdll gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-ugly-multiverse gstreamer0.10-plugins-good gstreamer0.10-plugins-ugly-multiverse gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-bad gstreamer0.10-plugins-ugly gstreamer0.10-ffmpeg libxine1-ffmpeg libdvdread3 libdvdcss2 gnome-do acroread acroread-plugins mozilla-acroread youtube-dl libflashsupport w32codecs x11vnc openoffice.org-ogltrans openoffice.org-java-common" > /tmp/packages.sh
chmod +x /tmp/packages.sh
sudo /tmp/packages.sh
rm /tmp/packages.sh
#adds terminal to right click
#apt-get install nautilus-open-terminal
script queue
firefox
Setup lockdown
sudo echo "
pref(\"general.config.obscure_value\", 0);
pref(\"general.config.filename\", \"firefox.cfg\"); " | sudo tee -a /etc/firefox-3.0/pref/firefox.js
sudo echo "//
lockPref(\"autoadmin.global_config_url\",\"http://192.168.1.8/autoadmin.js\");
lockPref(\"autoadmin.append_emailaddr\",false); " | sudo tee /usr/lib/firefox-3.0b5/firefox.cfg
Info at http://mit.edu/~firefox/www/maintainers/autoconfig.html
Java
music
video
graphics
education
Fixes
Firefox
may need fixfox
Audacity
alt+F2 pkill jackd
Cinelerra package is available in 5 variants:
cinelerra (x86 and x86_64 without opengl 2.0 video card)
cinelerra-generic (all x86 and x86_64 with opengl 2.0 video card)
cinelerra-k7 (amd32 without opengl 2.0 video card)
cinelerra-k7gl (amd32 with opengl 2.0 video card)
cinelerra-k8 (amd k8 optimized with opengl 2.0 video card)
- Cinelerra must be set to work with PulseAudio. Open Cinelerra and go to Settings->Preferences->Playback->Audio Driver. Select ESound and set the following parameters:
Server:
Port: 7007
ssh
sudo apt-get install openssh-server
ldap clients
sudo apt-get install libnss-ldap libpam-ldap nscd
LDAP server Uniform Resource Identifier: ldap://192.168.1.8/
Distinguished name of the search base: dc=XXXXXX,dc=XXXXXX,dc=homeip,dc=net
LDAP version to use: 3
Make local root Database admin: yes
Does the LDAP database require login? no
LDAP account for root: cn=admin,dc=XXXXXXX,dc=XXXXXXX,dc=homeip,dc=net
LDAP root account password: XXXXXXXX
sudo cp /etc/nsswitch.conf /etc/nsswitch.conf.backup
sudo apt-get install auth-client-config
sudo auth-client-config -a -p lac_ldap
Test
sudo /etc/init.d/nscd restart
getent passwd
#### If test fails you must restore the /etc/nsswitch.conf
### sudo cp /etc/nsswitch.conf.backup /etc/nsswitch.conf
## or you you could end up with an unloginable machine.
File Server
NFS client
sudo mkdir /home/staff
sudo mkdir /home/students
sudo mkdir /home/films
MYSERVER="zeus"; echo "$MYSERVER:/home/staff /home/staff nfs udp,defaults 0 0
$MYSERVER:/home/students /home/students nfs udp,defaults 0 0
$MYSERVER:/mnt/hda1/films /home/films nfs udp,defaults 0 0" | sudo tee -a /etc/fstab
sudo apt-get -y install nfs-common
sudo mount -a
Vnc Server
Package management
#medibuntu
sudo wget http://www.medibuntu.org/sources.list.d/hardy.list -O /etc/apt/sources.list.d/medibuntu.list
#cinelerra
sudo wget http://repository.akirad.net/dists/hardy.list -O /etc/apt/sources.list.d/akirad.list
wget -q http://repository.akirad.net/dists/akirad.key -O- | sudo apt-key add -
sudo echo "start"
echo "
sudo apt-get update && sudo apt-get install medibuntu-keyring
sudo apt-get update
sudo aptitude -y install msttcorefonts googleearth-4.3 googleearth-4.3-data
sudo aptitude -y install flashplugin-nonfree vlc ffmpeg mplayer mencoder gstreamer0.10-ffmpeg gstreamer0.10-pitfdll gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-ugly-multiverse gstreamer0.10-plugins-good gstreamer0.10-plugins-ugly-multiverse gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-bad gstreamer0.10-plugins-ugly gstreamer0.10-ffmpeg libxine1-ffmpeg libdvdread3 libdvdcss2 gnome-do acroread acroread-plugins mozilla-acroread youtube-dl libflashsupport w32codecs x11vnc openoffice.org-ogltrans openoffice.org-java-common" > /tmp/packages.sh
chmod +x /tmp/packages.sh
sudo /tmp/packages.sh
rm /tmp/packages.sh
#adds terminal to right click
#apt-get install nautilus-open-terminal
script queue
firefox
Setup lockdown
sudo echo "
pref(\"general.config.obscure_value\", 0);
pref(\"general.config.filename\", \"firefox.cfg\"); " | sudo tee -a /etc/firefox-3.0/pref/firefox.js
sudo echo "//
lockPref(\"autoadmin.global_config_url\",\"http://192.168.1.8/autoadmin.js\");
lockPref(\"autoadmin.append_emailaddr\",false); " | sudo tee /usr/lib/firefox-3.0b5/firefox.cfg
Info at http://mit.edu/~firefox/www/maintainers/autoconfig.html
Java
music
video
graphics
education
Fixes
Firefox
may need fixfox
Audacity
alt+F2 pkill jackd
Cinelerra package is available in 5 variants:
cinelerra (x86 and x86_64 without opengl 2.0 video card)
cinelerra-generic (all x86 and x86_64 with opengl 2.0 video card)
cinelerra-k7 (amd32 without opengl 2.0 video card)
cinelerra-k7gl (amd32 with opengl 2.0 video card)
cinelerra-k8 (amd k8 optimized with opengl 2.0 video card)
- Cinelerra must be set to work with PulseAudio. Open Cinelerra and go to Settings->Preferences->Playback->Audio Driver. Select ESound and set the following parameters:
Server:
Port: 7007
Subscribe to:
Posts (Atom)