Difference between revisions of "TSL"

From Department of Computer Science
 
(106 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 
== TSL Todo list ==
 
== TSL Todo list ==
  
* Shorten / tie up flyleads
+
* Set BIOS passwords
* Provide tied down flyleads in the laptop areas (areas without PCs)
+
* Lock down network ports (MAC address)
* Build new image & re-image computers
 
 
* Install replaced / fixed computers
 
* Install replaced / fixed computers
 +
* Roll out Karmic
  
 
== Current problems ==
 
== Current problems ==
;Network Sockets: SLAB013 SLAB016.
+
; Power Sockets: pc44
;Power Sockets: pc48
+
; Security Lug on PC: pc44
;Bad Images: 1,2,3,5,12,14,17,20,44,45,47,70,74
+
; Low Memory (256M): pc55
;Grub broken: 7, 8, 9, 12, 23, 35
+
; Bad HDD / BIOS: pc84
 +
; BIOS Locked: pc79
 +
 
 +
=== Known Unreliable machines ===
 +
; pc59: Unknown (2 Oct 2009)
 +
; pc09: Bad network card, sensitive to cable position (2 Oct 2009)
 +
; pc69: Thermal event (9 Oct 2009)
 +
; pc07: BIOS Battery? (9 Oct 2009)
 +
; pc21: BIOS Battery? (9 Oct 2009)
 +
; pc76: Cold boot reqd (16 Oct 2009)
 +
; pc46: Broken facade (16 Oct 2009)
 +
; pc16: BIOS Battery? (16 Oct 2009)
 +
; pc56: Lock cable doesn't pass through loop
 +
 
 +
=== Row 1 ===
 +
;Working: 6
 +
;Power: pc48
 +
;No Power button: pc to the left of it
 +
 
 +
=== Row 2 ===
 +
; Working: 7
 +
; Missing: 1
 +
 
 +
=== Row 3 ===
 +
; Working: 8
 +
 
 +
=== Row 4 ===
 +
; Working: 8
 +
 
 +
=== Row 5 ===
 +
; Working: 4
 +
; Missing: 2
 +
; Dead HDD: pc77
 +
; Mouse cut: pc82
 +
; VGA cut: pc-missing
 +
 
 +
=== Row 6 ===
 +
; Working: 3
 +
; Missing: 1
 +
; All cables need tying
 +
 
 +
=== Long Row 1 ===
 +
(by windows)
 +
; Working: 16
 +
; Missing: 0
 +
; No flylead: pc02
 +
; Lock doesn't attach pc to desk: pc31
 +
 
 +
=== Long Row 2 ===
 +
; Working: 15
 +
; Missing: 1
 +
; Dusty: pc30
 +
; No power button: next to pc40
 +
 
 +
== Wishlist for next rollout ==
  
 
== Image ==
 
== Image ==
Line 18: Line 72:
  
 
to get a list you can install
 
to get a list you can install
 +
 +
=== Not available in Karmic, but wanted in future ===
 +
* eclipse-cdt
 +
* eclipse-pydev
 +
* dillo
 +
* trayer
  
 
=== Games ===
 
=== Games ===
 
* bsdgames
 
* bsdgames
 
* bzflag
 
* bzflag
 +
* dosbox
 +
* einstein
 
* frozen-bubble
 
* frozen-bubble
 
* gnome-games
 
* gnome-games
 
* gtetrinet
 
* gtetrinet
 +
* kobodeluxe
 
* neverball
 
* neverball
 +
* nexuiz
 
* openarena
 
* openarena
 
* openttd
 
* openttd
 
* pingus
 
* pingus
 +
* scummvm
 
* teeworlds
 
* teeworlds
 
* tetrinet-client
 
* tetrinet-client
 
* wesnoth
 
* wesnoth
 
* wormux
 
* wormux
 +
* xmoto
 +
 +
=== Themes ===
 +
* arc-colors
 +
* community-themes
 +
* gdm-themes
 +
* gnome-backgrounds
 +
* gnome-colors
 +
* gnome-themes
 +
* gnome-themes-extras
 +
* gnome-themes-more
 +
* metacity-themes
 +
* shiki-colors
  
 
=== Editors ===
 
=== Editors ===
Line 43: Line 121:
 
* emacs
 
* emacs
 
* emacs-snapshot
 
* emacs-snapshot
 +
* emacs-goodies-el
 
* eric
 
* eric
 
* geany
 
* geany
Line 52: Line 131:
 
* kdevelop
 
* kdevelop
 
* lyx
 
* lyx
 +
* monodevelop
 +
* monodevelop-java
 
* netbeans
 
* netbeans
 
* scite
 
* scite
 
* spe
 
* spe
* vim-full
+
* vim-gtk
 +
* vim-nox
 +
* vim-latexsuite
 +
* vim-vimoutliner
 
* xemacs21
 
* xemacs21
  
Line 81: Line 165:
 
* gtkmm-documentation
 
* gtkmm-documentation
 
* haskell-doc
 
* haskell-doc
 +
* jlint-doc
 
* libboost-doc
 
* libboost-doc
* libgtkmm-doc
 
 
* manpages-dev
 
* manpages-dev
 
* octave-doc
 
* octave-doc
Line 93: Line 177:
 
* qt4-doc
 
* qt4-doc
 
* r-doc-html
 
* r-doc-html
 +
* rubybook
 +
* splint-doc-html
 
* stl-manual
 
* stl-manual
 
* sun-java6-doc
 
* sun-java6-doc
 +
* tidy-doc
 
* xchm
 
* xchm
 
* zsh-doc
 
* zsh-doc
Line 114: Line 201:
 
=== Debugging ===
 
=== Debugging ===
 
* ddd
 
* ddd
 +
* d-feet
 
* lsof
 
* lsof
 
* ltrace
 
* ltrace
Line 129: Line 217:
 
* clisp
 
* clisp
 
* cmake
 
* cmake
 +
* csstidy
 
* devscripts
 
* devscripts
 +
* dh-make
 
* docbook
 
* docbook
 
* flex
 
* flex
Line 143: Line 233:
 
* graphviz
 
* graphviz
 
* ipython
 
* ipython
 +
* jlint
 
* kiki
 
* kiki
 
* libboost-dev
 
* libboost-dev
Line 161: Line 252:
 
* libsdl-stretch-dev
 
* libsdl-stretch-dev
 
* libsdl-ttf2.0-dev
 
* libsdl-ttf2.0-dev
 +
* linklint
 
* malbolge
 
* malbolge
 
* mesa-utils
 
* mesa-utils
 +
* mono-debugger
 
* octave
 
* octave
 +
* perltidy
 
* php5-cli
 
* php5-cli
 +
* php5-tidy
 
* posh
 
* posh
 
* pyflakes
 
* pyflakes
Line 175: Line 270:
 
* python-crypto
 
* python-crypto
 
* python-dateutil
 
* python-dateutil
 +
* python-django
 +
* python-fuse
 
* python-gmpy
 
* python-gmpy
 
* python-html5lib
 
* python-html5lib
 
* python-jinja
 
* python-jinja
 
* python-matplotlib
 
* python-matplotlib
 +
* python-profiler
 +
* python-psyco
 
* python-pydot
 
* python-pydot
 
* python-pygame
 
* python-pygame
 
* python-pysqlite2
 
* python-pysqlite2
 
* python-qt4
 
* python-qt4
 +
* python-sphinx
 
* python-simplejson
 
* python-simplejson
 
* python-scipy
 
* python-scipy
 
* python-soappy
 
* python-soappy
 
* python-sqlalchemy
 
* python-sqlalchemy
 +
* python-turbogears
 
* python-twisted
 
* python-twisted
 
* python-visual
 
* python-visual
 
* qt4-designer
 
* qt4-designer
 
* r-recommended
 
* r-recommended
 +
* ruby-full
 +
* ruby-gnome2
 +
* ruby-kde4
 
* speedcrunch
 
* speedcrunch
 +
* splint
 
* sun-java6-jdk
 
* sun-java6-jdk
 
* sun-java6-plugin
 
* sun-java6-plugin
 +
* tidy
 
* texlive-full
 
* texlive-full
 
* wxmaxima
 
* wxmaxima
Line 200: Line 306:
 
* ascii
 
* ascii
 
* ack-grep
 
* ack-grep
 +
* cadaver
 +
* clusterssh
 +
* cowsay
 
* curl
 
* curl
 
* dot2tex
 
* dot2tex
 
* elinks
 
* elinks
 +
* figlet
 +
* fortune-mod
 +
* hping3
 
* htop
 
* htop
 
* indent
 
* indent
Line 220: Line 332:
 
* pdftk
 
* pdftk
 
* poppler-utils
 
* poppler-utils
 +
* pssh
 
* pwgen
 
* pwgen
 +
* qemu
 
* quota
 
* quota
 
* rsync
 
* rsync
 
* screen
 
* screen
 +
* sl
 +
* socat
 +
* star
 +
* toilet
 
* traceroute
 
* traceroute
 
* tsocks
 
* tsocks
Line 234: Line 352:
  
 
=== System ===
 
=== System ===
 +
* alien
 
* cntlm
 
* cntlm
 +
* fusedav
 +
* fuseiso
 +
* fusesmb
 
* ldap-auth-client
 
* ldap-auth-client
 
* ldap-utils
 
* ldap-utils
Line 243: Line 365:
 
* openssh-server
 
* openssh-server
 
* smartmontools
 
* smartmontools
 +
* sshfs
 
* tmpreaper
 
* tmpreaper
 
* wbritish
 
* wbritish
Line 270: Line 393:
 
* blender
 
* blender
 
* dia
 
* dia
 +
* dwm-tools
 
* epiphany-browser
 
* epiphany-browser
* firefox-3.5
 
 
* flashplugin-nonfree
 
* flashplugin-nonfree
 
* fluxbox
 
* fluxbox
 
* gajim
 
* gajim
 
* gnumeric
 
* gnumeric
 +
* gwibber
 
* impressive
 
* impressive
 
* inkscape
 
* inkscape
Line 285: Line 409:
 
* openoffice.org-draw
 
* openoffice.org-draw
 
* openoffice.org-pdfimport
 
* openoffice.org-pdfimport
 +
* pcmanfm
 
* pdfedit
 
* pdfedit
 
* pidgin-plugin-pack
 
* pidgin-plugin-pack
Line 290: Line 415:
 
* rdesktop
 
* rdesktop
 
* scribus
 
* scribus
 +
* stalonetray
 
* ubuntu-restricted-extras
 
* ubuntu-restricted-extras
 
* wine
 
* wine
Line 309: Line 435:
  
 
=== Fonts ===
 
=== Fonts ===
* ttf-adf
 
 
* ttf-aenigma
 
* ttf-aenigma
 
* ttf-atarismall
 
* ttf-atarismall
Line 356: Line 481:
 
* any MTA
 
* any MTA
 
* old kernels
 
* old kernels
* network-manager, gdm-guest-session
 
 
* shut down unnecessary services
 
* shut down unnecessary services
 
* Spring clean /etc/xdg/autostart
 
* Spring clean /etc/xdg/autostart
 +
* Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users.
 +
* rm /etc/hostname
 +
* Remove the 127.0.1.1 line from /etc/hosts
  
 
Configure:
 
Configure:
 
* /etc/apt/sources.list
 
* /etc/apt/sources.list
  deb http://ftp.leg.uct.ac.za/pub/linux/ubuntu jaunty main universe multiverse restricted
+
  deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted
  deb http://ftp.leg.uct.ac.za/pub/linux/ubuntu jaunty-security main universe multiverse restricted
+
deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted
  deb http://ftp.leg.uct.ac.za/pub/linux/medibuntu jaunty free non-free
+
  deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted
 +
deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free
 +
  deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main
 +
* Install
 +
medibuntu-keyring, tsl-desktop
 
* /etc/openntpd/ntpd.conf
 
* /etc/openntpd/ntpd.conf
 
  server ntp1.uct.ac.za
 
  server ntp1.uct.ac.za
Line 371: Line 502:
 
  server dreamcoat.che.uct.ac.za
 
  server dreamcoat.che.uct.ac.za
 
  server emperor.che.uct.ac.za
 
  server emperor.che.uct.ac.za
 +
* visudo
 +
Defaults        env_reset
 +
root    ALL=(ALL) ALL
 +
%admin ALL=(ALL) NOPASSWD: ALL
 +
* /root/.ssh/authorized_keys
 +
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key
 
* /etc/tmpreaper.conf
 
* /etc/tmpreaper.conf
 
  SHOWWARNING=false
 
  SHOWWARNING=false
* /etc/eclipse/java_home
 
/usr/lib/jvm/java-6-sun
 
* /usr/lib/eclipse/configuration/config.ini
 
org.eclipse.jdt.core.classpathVariable.JRE_LIB=/usr/lib/jvm/java-6-sun/jre/lib/rt.jar
 
 
* /etc/update-manager/meta-release
 
* /etc/update-manager/meta-release
 
  URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release
 
  URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release
 
  URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
 
  URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
* /etc/yp.conf
+
* /etc/apt/apt.conf.d/50unattended-upgrades
  ypserver 137.158.56.6
+
Unattended-Upgrade::Allowed-Origins {
 +
        "Ubuntu lucid-security";
 +
        "Ubuntu lucid-updates";
 +
        "Ubuntu lucid";
 +
        "Medibuntu lucid";
 +
        "LP-PPA-stefanor-tsl lucid";
 +
  };
 +
Unattended-Upgrade::Remove-Unused-Dependencies "true";
 +
Unattended-Upgrade::Automatic-Reboot "true";
 +
* /etc/grub.d/01_tsl_password
 +
#!/bin/sh
 +
set -e
 +
cat << EOF
 +
set superusers="root"
 +
password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D
 +
EOF
 +
 
 
* /etc/nsswitch.conf
 
* /etc/nsswitch.conf
  passwd:        nis files
+
  passwd:        files ldap
  group:          compat nis files
+
  group:          files ldap
  shadow:        nis files
+
  shadow:        files ldap
 
* /etc/fstab:
 
* /etc/fstab:
 
  tsl.uct.ac.za:/home /home nfs rw,sync 0 0
 
  tsl.uct.ac.za:/home /home nfs rw,sync 0 0
 
* /etc/ldap.conf:
 
* /etc/ldap.conf:
  uri ldaps://ucttldap1.uct.ac.za/ ldaps://ucttldap2.uct.ac.za/ ldaps://ucttldap3.uct.ac.za/
+
  base dc=tsl,dc=uct,dc=ac,dc=za
  base  ou=main, o=uct
+
uri ldaps://tsl.uct.ac.za/
pam_filter objectclass=ndsloginproperties
+
  ldap_version 3
pam_login_attribute cn
+
  pam_password md5
  pam_password nds
 
 
  tls_checkpeer no
 
  tls_checkpeer no
 
* /etc/security/group.conf
 
* /etc/security/group.conf
  *;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev
+
  *;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse
 
* /etc/firefox-3.[05]/pref/firefox.js
 
* /etc/firefox-3.[05]/pref/firefox.js
 
  // UCT Proxy
 
  // UCT Proxy
Line 406: Line 554:
 
* /etc/firefox-homepage.properties
 
* /etc/firefox-homepage.properties
 
  browser.startup.homepage=http://www.tsl.uct.ac.za/
 
  browser.startup.homepage=http://www.tsl.uct.ac.za/
* /usr/share/gdm/themes/Human/Human.xml
 
  <!-- TSL Help -->
 
  <item type="rect" id="custom-tsl-help">
 
    <pos y="10%" width="box" height="box" x="50%" anchor="n"/>
 
    <box spacing="2" orientation="vertical">
 
      <item type="label">
 
        <pos x="50%" anchor="n"/>
 
        <normal font="Sans 14" color="#ffffff"/>
 
        <text>Problems?</text>
 
      </item>
 
      <item type="label">
 
        <normal font="Sans 12" color="#ffffff"/>
 
        <text>e-mail help@tsl.uct.ac.za</text>
 
      </item>
 
    </box>
 
  </item>
 
 
* /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
 
* /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
 
  <nowiki><?xml version="1.0"?>
 
  <nowiki><?xml version="1.0"?>
Line 429: Line 561:
 
  <dir name="preferences">
 
  <dir name="preferences">
 
  <entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/>
 
  <entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/>
 +
</dir>
 +
</dir>
 +
<dir name="gdm">
 +
<dir name="simple-greeter">
 +
<entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/>
 +
<entry name="banner_message_text" mtime="1268226887" type="string">
 +
<stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue>
 +
</entry>
 +
<entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/>
 
  </dir>
 
  </dir>
 
  </dir>
 
  </dir>
Line 479: Line 620:
 
  </gconf>
 
  </gconf>
 
</nowiki>
 
</nowiki>
* /etc/default/acpi-support
+
* chmod 500 /var/lib/gdm/.gconf
  ACPI_SLEEP=false
+
* /var/lib/gdm/.gconf.path
  ACPI_HIBERNATE=false
+
# treat system-wide settings as mandatory
 +
xml:readonly:/etc/gconf/gconf.xml.system
 +
 +
# override some settings
 +
# we treat settings in this location as
 +
# owned by GDM.  Sysadmins should create
 +
# another source if they wish to override them.
 +
xml:readonly:$(HOME)/.gconf.mandatory
 +
 +
  # distribution default values
 +
  xml:readonly:$(HOME)/.gconf.defaults
 
* /etc/cntlm.conf
 
* /etc/cntlm.conf
 
  Domain          WF
 
  Domain          WF
Line 487: Line 638:
 
  Listen          8080
 
  Listen          8080
 
  NTLMToBasic    yes
 
  NTLMToBasic    yes
 +
 +
=== Pre-imaging ===
 +
 +
* Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules
 +
* A bunch of other useful things to remove: http://live.debian.net/gitweb?p=live-build.git;a=blob;f=scripts/build/lb_chroot_hacks

Latest revision as of 16:10, 12 October 2011

TSL Todo list

  • Set BIOS passwords
  • Lock down network ports (MAC address)
  • Install replaced / fixed computers
  • Roll out Karmic

Current problems

Power Sockets
pc44
Security Lug on PC
pc44
Low Memory (256M)
pc55
Bad HDD / BIOS
pc84
BIOS Locked
pc79

Known Unreliable machines

pc59
Unknown (2 Oct 2009)
pc09
Bad network card, sensitive to cable position (2 Oct 2009)
pc69
Thermal event (9 Oct 2009)
pc07
BIOS Battery? (9 Oct 2009)
pc21
BIOS Battery? (9 Oct 2009)
pc76
Cold boot reqd (16 Oct 2009)
pc46
Broken facade (16 Oct 2009)
pc16
BIOS Battery? (16 Oct 2009)
pc56
Lock cable doesn't pass through loop

Row 1

Working
6
Power
pc48
No Power button
pc to the left of it

Row 2

Working
7
Missing
1

Row 3

Working
8

Row 4

Working
8

Row 5

Working
4
Missing
2
Dead HDD
pc77
Mouse cut
pc82
VGA cut
pc-missing

Row 6

Working
3
Missing
1
All cables need tying

Long Row 1

(by windows)

Working
16
Missing
0
No flylead
pc02
Lock doesn't attach pc to desk
pc31

Long Row 2

Working
15
Missing
1
Dusty
pc30
No power button
next to pc40

Wishlist for next rollout

Image

Paste the source of the following into:

sed -ne 's/^* // p' | tr '\n' ' '; echo

to get a list you can install

Not available in Karmic, but wanted in future

  • eclipse-cdt
  • eclipse-pydev
  • dillo
  • trayer

Games

  • bsdgames
  • bzflag
  • dosbox
  • einstein
  • frozen-bubble
  • gnome-games
  • gtetrinet
  • kobodeluxe
  • neverball
  • nexuiz
  • openarena
  • openttd
  • pingus
  • scummvm
  • teeworlds
  • tetrinet-client
  • wesnoth
  • wormux
  • xmoto

Themes

  • arc-colors
  • community-themes
  • gdm-themes
  • gnome-backgrounds
  • gnome-colors
  • gnome-themes
  • gnome-themes-extras
  • gnome-themes-more
  • metacity-themes
  • shiki-colors

Editors

  • anjuta
  • bluefish
  • codeblocks
  • eclipse
  • eclipse-cdt
  • eclipse-pydev
  • emacs
  • emacs-snapshot
  • emacs-goodies-el
  • eric
  • geany
  • idle
  • idle-python2.5
  • idle3
  • joe
  • kate
  • kdevelop
  • lyx
  • monodevelop
  • monodevelop-java
  • netbeans
  • scite
  • spe
  • vim-gtk
  • vim-nox
  • vim-latexsuite
  • vim-vimoutliner
  • xemacs21

Docs

  • ant-doc
  • apache2-doc
  • aspell-doc
  • autoconf-doc
  • automake1.9-doc
  • bash-doc
  • cdrkit-doc
  • ddd-doc
  • devhelp
  • diveintopython
  • doxygen-doc
  • flex-doc
  • gawk-doc
  • gcc-doc
  • gdb-doc
  • git-doc
  • glut-doc
  • gmp-doc
  • gnuplot-doc
  • graphviz-doc
  • gtkmm-documentation
  • haskell-doc
  • jlint-doc
  • libboost-doc
  • manpages-dev
  • octave-doc
  • perl-doc
  • php-doc
  • python-doc
  • python-matplotlib-doc
  • python-numpy-doc
  • python-qt4-doc
  • qt4-doc
  • r-doc-html
  • rubybook
  • splint-doc-html
  • stl-manual
  • sun-java6-doc
  • tidy-doc
  • xchm
  • zsh-doc

Version Control

  • cvs
  • bzr
  • bzr-gtk
  • bzr-svn
  • bzrtools
  • darcs
  • git-core
  • meld
  • mercurial
  • subversion
  • subversion-tools
  • svk

Debugging

  • ddd
  • d-feet
  • lsof
  • ltrace
  • strace
  • valgrind

Programming

  • ant
  • ant-optional
  • bicyclerepair
  • bison
  • bpython
  • bsh
  • build-essential
  • clisp
  • cmake
  • csstidy
  • devscripts
  • dh-make
  • docbook
  • flex
  • freeglut3-dev
  • fpc
  • gcc-4.1
  • gdc
  • g++-4.1
  • gengetopt
  • ghc
  • gnome-devel
  • gnuplot
  • graphviz
  • ipython
  • jlint
  • kiki
  • libboost-dev
  • libcurl4-openssl-dev
  • libghc6-xmonad-dev
  • libgtkmm-2.4-dev
  • libphobos-4.2-dev
  • libqt4-dev
  • libqwt-dev
  • libsdl-console-dev
  • libsdl-dev
  • libsdl-gfx1.2-dev
  • libsdl-image1.2-dev
  • libsdl-mixer1.2-dev
  • libsdl-net1.2-dev
  • libsdl-pango-dev
  • libsdl-sound1.2-dev
  • libsdl-stretch-dev
  • libsdl-ttf2.0-dev
  • linklint
  • malbolge
  • mesa-utils
  • mono-debugger
  • octave
  • perltidy
  • php5-cli
  • php5-tidy
  • posh
  • pyflakes
  • pylint
  • python3
  • python-all-dev
  • python-beautifulsoup
  • python-celementtree
  • python-configobj
  • python-crypto
  • python-dateutil
  • python-django
  • python-fuse
  • python-gmpy
  • python-html5lib
  • python-jinja
  • python-matplotlib
  • python-profiler
  • python-psyco
  • python-pydot
  • python-pygame
  • python-pysqlite2
  • python-qt4
  • python-sphinx
  • python-simplejson
  • python-scipy
  • python-soappy
  • python-sqlalchemy
  • python-turbogears
  • python-twisted
  • python-visual
  • qt4-designer
  • r-recommended
  • ruby-full
  • ruby-gnome2
  • ruby-kde4
  • speedcrunch
  • splint
  • sun-java6-jdk
  • sun-java6-plugin
  • tidy
  • texlive-full
  • wxmaxima

Command Line

  • ascii
  • ack-grep
  • cadaver
  • clusterssh
  • cowsay
  • curl
  • dot2tex
  • elinks
  • figlet
  • fortune-mod
  • hping3
  • htop
  • indent
  • imagemagick
  • irssi
  • links
  • links2
  • lftp
  • lynx
  • manpages
  • moreutils
  • mtr-tiny
  • openssl
  • p7zip-full
  • p7zip-rar
  • pdfjam
  • pdftk
  • poppler-utils
  • pssh
  • pwgen
  • qemu
  • quota
  • rsync
  • screen
  • sl
  • socat
  • star
  • toilet
  • traceroute
  • tsocks
  • units
  • unrar
  • unzip
  • w3m
  • whois
  • zsh

System

  • alien
  • cntlm
  • fusedav
  • fuseiso
  • fusesmb
  • ldap-auth-client
  • ldap-utils
  • ncpfs
  • nis
  • nfs-common
  • openntpd
  • openssh-server
  • smartmontools
  • sshfs
  • tmpreaper
  • wbritish

Databases

  • mysql-client
  • mysql-doc-5.0
  • libmysqlclient-dev
  • libmysql++-dev
  • libpg-java
  • libpq-dev
  • libpqxx-dev
  • libsqlite-dev
  • php5-mysql
  • php5-sqlite
  • php5-pgsql
  • postgresql-client
  • postgresql-doc
  • python-mysqldb
  • python-psycopg2
  • sqlite3
  • sqlite3-doc

Other

  • abiword
  • amarok
  • blender
  • dia
  • dwm-tools
  • epiphany-browser
  • flashplugin-nonfree
  • fluxbox
  • gajim
  • gnumeric
  • gwibber
  • impressive
  • inkscape
  • konsole
  • konqueror
  • konversation
  • linuxdcpp
  • midori
  • openoffice.org-draw
  • openoffice.org-pdfimport
  • pcmanfm
  • pdfedit
  • pidgin-plugin-pack
  • planner
  • rdesktop
  • scribus
  • stalonetray
  • ubuntu-restricted-extras
  • wine
  • yakuake
  • xchat
  • xtightvncviewer
  • xmonad

Multimedia

  • ffmpeg
  • non-free-codecs
  • libavdevice-unstripped-52
  • libavfilter-unstripped-0
  • libavformat-unstripped-52
  • mencoder
  • mplayer
  • vlc
  • youtube-dl

Fonts

  • ttf-aenigma
  • ttf-atarismall
  • ttf-beteckna
  • ttf-breip
  • ttf-droid
  • ttf-dustin
  • ttf-ecolier-court
  • ttf-ecolier-lignes-court
  • ttf-engadget
  • ttf-essays1743
  • ttf-f500
  • ttf-fifthhorseman-dkg-handwriting
  • ttf-georgewilliams
  • ttf-goudybookletter
  • ttf-inconsolata
  • ttf-isabella
  • ttf-jsmath
  • ttf-junicode
  • ttf-konatu
  • ttf-larabie-deco
  • ttf-larabie-straight
  • ttf-larabie-uncommon
  • ttf-linux-libertine
  • ttf-marvosym
  • ttf-mscorefonts-installer
  • ttf-ocr-a
  • ttf-oflb-asana-math
  • ttf-oflb-euterpe
  • ttf-radisnoir
  • ttf-sil-gentium
  • ttf-sil-gentium-basic
  • ttf-sjfonts
  • ttf-staypuft
  • ttf-summersby
  • ttf-tomsontalks
  • ttf-tuffy
  • ttf-ubuntu-title
  • ttf-unifont
  • ttf-xfree86-nonfree

Post Install

Get rid of:

  • any MTA
  • old kernels
  • shut down unnecessary services
  • Spring clean /etc/xdg/autostart
  • Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users.
  • rm /etc/hostname
  • Remove the 127.0.1.1 line from /etc/hosts

Configure:

  • /etc/apt/sources.list
deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted
deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted
deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted
deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free
deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main
  • Install
medibuntu-keyring, tsl-desktop
  • /etc/openntpd/ntpd.conf
server ntp1.uct.ac.za
server ntp2.uct.ac.za
server ntp3.uct.ac.za
server dreamcoat.che.uct.ac.za
server emperor.che.uct.ac.za
  • visudo
Defaults        env_reset
root    ALL=(ALL) ALL
%admin ALL=(ALL) NOPASSWD: ALL
  • /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key
  • /etc/tmpreaper.conf
SHOWWARNING=false
  • /etc/update-manager/meta-release
URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release
URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
  • /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Allowed-Origins {
        "Ubuntu lucid-security";
        "Ubuntu lucid-updates";
        "Ubuntu lucid";
        "Medibuntu lucid";
        "LP-PPA-stefanor-tsl lucid";
};
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
  • /etc/grub.d/01_tsl_password
#!/bin/sh
set -e
cat << EOF
set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D
EOF
  • /etc/nsswitch.conf
passwd:         files ldap
group:          files ldap
shadow:         files ldap
  • /etc/fstab:
tsl.uct.ac.za:/home	/home	nfs	rw,sync		0	0
  • /etc/ldap.conf:
base dc=tsl,dc=uct,dc=ac,dc=za
uri ldaps://tsl.uct.ac.za/
ldap_version 3
pam_password md5
tls_checkpeer no
  • /etc/security/group.conf
*;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse
  • /etc/firefox-3.[05]/pref/firefox.js
// UCT Proxy
pref("network.proxy.autoconfig_url", "http://www.uct.ac.za/cache.pac");
pref("network.proxy.type", 2);
pref("browser.cache.disk.capacity", 3000);
  • /etc/firefox-3.[05]/pref/ubufox.js
pref("browser.startup.homepage", "file:/etc/firefox-homepage.properties");
  • /etc/firefox-homepage.properties
browser.startup.homepage=http://www.tsl.uct.ac.za/
  • /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
<?xml version="1.0"?>
 <gconf>
 	<dir name="apps">
 		<dir name="nautilus">
 			<dir name="preferences">
 				<entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/>
 			</dir>
 		</dir>
 		<dir name="gdm">
 			<dir name="simple-greeter">
				<entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/>
				<entry name="banner_message_text" mtime="1268226887" type="string">
					<stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue>
				</entry>
				<entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/>
 			</dir>
 		</dir>
 	</dir>
 	<dir name="desktop">
 		<dir name="gnome">
 			<dir name="applications">
 				<dir name="window_manager">
 					<entry name="default" mtime="1252403218" type="string">
 						<stringvalue>/usr/bin/metacity</stringvalue>
 					</entry>
 				</dir>
 			</dir>
 		</dir>
 	</dir>
 	<dir name="system">
 		<dir name="http_proxy">
 			<entry name="ignore_hosts" mtime="1252519008" type="list" ltype="string">
 				<li type="string">
 					<stringvalue>localhost</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>127.0.0.0/8</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>*.local</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>137.158.0.0/16</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>*.uct.ac.za</stringvalue>
 				</li>
 			</entry>
 			<entry name="host" mtime="1252518985" type="string">
 				<stringvalue>localhost</stringvalue>
 			</entry>
 			<entry name="use_http_proxy" mtime="1252519071" type="bool" value="true"/>
 		</dir>
 		<dir name="proxy">
 			<entry name="secure_port" mtime="1252518992" type="int" value="8080"/>
 			<entry name="secure_host" mtime="1252518987" type="string">
 				<stringvalue>localhost</stringvalue>
 			</entry>
 			<entry name="mode" mtime="1252518982" type="string">
 				<stringvalue>manual</stringvalue>
 			</entry>
 		</dir>
 	</dir>
 </gconf>

  • chmod 500 /var/lib/gdm/.gconf
  • /var/lib/gdm/.gconf.path
# treat system-wide settings as mandatory
xml:readonly:/etc/gconf/gconf.xml.system

# override some settings
# we treat settings in this location as
# owned by GDM.  Sysadmins should create
# another source if they wish to override them.
xml:readonly:$(HOME)/.gconf.mandatory

# distribution default values
xml:readonly:$(HOME)/.gconf.defaults
  • /etc/cntlm.conf
Domain          WF
Proxy           campusnet.uct.ac.za:8080
Listen          8080
NTLMToBasic     yes

Pre-imaging