Difference between revisions of "TSL"
From Department of Computer Science
(→Editors: emac-snapshot) |
|||
(167 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
== TSL Todo list == | == TSL Todo list == | ||
− | * | + | * Set BIOS passwords |
− | * | + | * Lock down network ports (MAC address) |
− | |||
* Install replaced / fixed computers | * Install replaced / fixed computers | ||
+ | * Roll out Karmic | ||
== Current problems == | == Current problems == | ||
− | ; | + | ; Power Sockets: pc44 |
− | ;Power | + | ; Security Lug on PC: pc44 |
− | ; | + | ; Low Memory (256M): pc55 |
− | ; | + | ; Bad HDD / BIOS: pc84 |
+ | ; BIOS Locked: pc79 | ||
+ | |||
+ | === Known Unreliable machines === | ||
+ | ; pc59: Unknown (2 Oct 2009) | ||
+ | ; pc09: Bad network card, sensitive to cable position (2 Oct 2009) | ||
+ | ; pc69: Thermal event (9 Oct 2009) | ||
+ | ; pc07: BIOS Battery? (9 Oct 2009) | ||
+ | ; pc21: BIOS Battery? (9 Oct 2009) | ||
+ | ; pc76: Cold boot reqd (16 Oct 2009) | ||
+ | ; pc46: Broken facade (16 Oct 2009) | ||
+ | ; pc16: BIOS Battery? (16 Oct 2009) | ||
+ | ; pc56: Lock cable doesn't pass through loop | ||
+ | |||
+ | === Row 1 === | ||
+ | ;Working: 6 | ||
+ | ;Power: pc48 | ||
+ | ;No Power button: pc to the left of it | ||
+ | |||
+ | === Row 2 === | ||
+ | ; Working: 7 | ||
+ | ; Missing: 1 | ||
+ | |||
+ | === Row 3 === | ||
+ | ; Working: 8 | ||
+ | |||
+ | === Row 4 === | ||
+ | ; Working: 8 | ||
+ | |||
+ | === Row 5 === | ||
+ | ; Working: 4 | ||
+ | ; Missing: 2 | ||
+ | ; Dead HDD: pc77 | ||
+ | ; Mouse cut: pc82 | ||
+ | ; VGA cut: pc-missing | ||
+ | |||
+ | === Row 6 === | ||
+ | ; Working: 3 | ||
+ | ; Missing: 1 | ||
+ | ; All cables need tying | ||
+ | |||
+ | === Long Row 1 === | ||
+ | (by windows) | ||
+ | ; Working: 16 | ||
+ | ; Missing: 0 | ||
+ | ; No flylead: pc02 | ||
+ | ; Lock doesn't attach pc to desk: pc31 | ||
+ | |||
+ | === Long Row 2 === | ||
+ | ; Working: 15 | ||
+ | ; Missing: 1 | ||
+ | ; Dusty: pc30 | ||
+ | ; No power button: next to pc40 | ||
+ | |||
+ | == Wishlist for next rollout == | ||
== Image == | == Image == | ||
Paste the source of the following into: | Paste the source of the following into: | ||
− | + | sed -ne 's/^* // p' | tr '\n' ' '; echo | |
to get a list you can install | to get a list you can install | ||
+ | |||
+ | === Not available in Karmic, but wanted in future === | ||
+ | * eclipse-cdt | ||
+ | * eclipse-pydev | ||
+ | * dillo | ||
+ | * trayer | ||
=== Games === | === Games === | ||
* bsdgames | * bsdgames | ||
* bzflag | * bzflag | ||
+ | * dosbox | ||
+ | * einstein | ||
* frozen-bubble | * frozen-bubble | ||
* gnome-games | * gnome-games | ||
* gtetrinet | * gtetrinet | ||
+ | * kobodeluxe | ||
* neverball | * neverball | ||
+ | * nexuiz | ||
* openarena | * openarena | ||
* openttd | * openttd | ||
* pingus | * pingus | ||
+ | * scummvm | ||
+ | * teeworlds | ||
* tetrinet-client | * tetrinet-client | ||
* wesnoth | * wesnoth | ||
* wormux | * wormux | ||
− | + | * xmoto | |
+ | |||
+ | === Themes === | ||
+ | * arc-colors | ||
+ | * community-themes | ||
+ | * gdm-themes | ||
+ | * gnome-backgrounds | ||
+ | * gnome-colors | ||
+ | * gnome-themes | ||
+ | * gnome-themes-extras | ||
+ | * gnome-themes-more | ||
+ | * metacity-themes | ||
+ | * shiki-colors | ||
+ | |||
=== Editors === | === Editors === | ||
* anjuta | * anjuta | ||
Line 38: | Line 117: | ||
* codeblocks | * codeblocks | ||
* eclipse | * eclipse | ||
+ | * eclipse-cdt | ||
+ | * eclipse-pydev | ||
* emacs | * emacs | ||
* emacs-snapshot | * emacs-snapshot | ||
+ | * emacs-goodies-el | ||
* eric | * eric | ||
* geany | * geany | ||
* idle | * idle | ||
+ | * idle-python2.5 | ||
+ | * idle3 | ||
* joe | * joe | ||
* kate | * kate | ||
* kdevelop | * kdevelop | ||
* lyx | * lyx | ||
+ | * monodevelop | ||
+ | * monodevelop-java | ||
* netbeans | * netbeans | ||
* scite | * scite | ||
− | * vim- | + | * spe |
+ | * vim-gtk | ||
+ | * vim-nox | ||
+ | * vim-latexsuite | ||
+ | * vim-vimoutliner | ||
* xemacs21 | * xemacs21 | ||
=== Docs === | === Docs === | ||
+ | * ant-doc | ||
+ | * apache2-doc | ||
+ | * aspell-doc | ||
+ | * autoconf-doc | ||
+ | * automake1.9-doc | ||
+ | * bash-doc | ||
+ | * cdrkit-doc | ||
+ | * ddd-doc | ||
* devhelp | * devhelp | ||
* diveintopython | * diveintopython | ||
+ | * doxygen-doc | ||
+ | * flex-doc | ||
+ | * gawk-doc | ||
+ | * gcc-doc | ||
+ | * gdb-doc | ||
+ | * git-doc | ||
+ | * glut-doc | ||
+ | * gmp-doc | ||
+ | * gnuplot-doc | ||
+ | * graphviz-doc | ||
+ | * gtkmm-documentation | ||
+ | * haskell-doc | ||
+ | * jlint-doc | ||
+ | * libboost-doc | ||
* manpages-dev | * manpages-dev | ||
+ | * octave-doc | ||
+ | * perl-doc | ||
+ | * php-doc | ||
* python-doc | * python-doc | ||
+ | * python-matplotlib-doc | ||
+ | * python-numpy-doc | ||
+ | * python-qt4-doc | ||
+ | * qt4-doc | ||
+ | * r-doc-html | ||
+ | * rubybook | ||
+ | * splint-doc-html | ||
* stl-manual | * stl-manual | ||
− | + | * sun-java6-doc | |
+ | * tidy-doc | ||
+ | * xchm | ||
+ | * zsh-doc | ||
+ | |||
=== Version Control === | === Version Control === | ||
* cvs | * cvs | ||
Line 75: | Line 201: | ||
=== Debugging === | === Debugging === | ||
* ddd | * ddd | ||
+ | * d-feet | ||
* lsof | * lsof | ||
* ltrace | * ltrace | ||
Line 84: | Line 211: | ||
* ant-optional | * ant-optional | ||
* bicyclerepair | * bicyclerepair | ||
+ | * bison | ||
+ | * bpython | ||
* bsh | * bsh | ||
* build-essential | * build-essential | ||
* clisp | * clisp | ||
+ | * cmake | ||
+ | * csstidy | ||
+ | * devscripts | ||
+ | * dh-make | ||
* docbook | * docbook | ||
+ | * flex | ||
* freeglut3-dev | * freeglut3-dev | ||
* fpc | * fpc | ||
* gcc-4.1 | * gcc-4.1 | ||
+ | * gdc | ||
* g++-4.1 | * g++-4.1 | ||
+ | * gengetopt | ||
* ghc | * ghc | ||
* gnome-devel | * gnome-devel | ||
Line 97: | Line 233: | ||
* graphviz | * graphviz | ||
* ipython | * ipython | ||
+ | * jlint | ||
* kiki | * kiki | ||
+ | * libboost-dev | ||
+ | * libcurl4-openssl-dev | ||
+ | * libghc6-xmonad-dev | ||
+ | * libgtkmm-2.4-dev | ||
+ | * libphobos-4.2-dev | ||
+ | * libqt4-dev | ||
+ | * libqwt-dev | ||
+ | * libsdl-console-dev | ||
+ | * libsdl-dev | ||
+ | * libsdl-gfx1.2-dev | ||
+ | * libsdl-image1.2-dev | ||
+ | * libsdl-mixer1.2-dev | ||
+ | * libsdl-net1.2-dev | ||
+ | * libsdl-pango-dev | ||
+ | * libsdl-sound1.2-dev | ||
+ | * libsdl-stretch-dev | ||
+ | * libsdl-ttf2.0-dev | ||
+ | * linklint | ||
+ | * malbolge | ||
* mesa-utils | * mesa-utils | ||
+ | * mono-debugger | ||
* octave | * octave | ||
+ | * perltidy | ||
+ | * php5-cli | ||
+ | * php5-tidy | ||
+ | * posh | ||
+ | * pyflakes | ||
+ | * pylint | ||
* python3 | * python3 | ||
* python-all-dev | * python-all-dev | ||
Line 107: | Line 270: | ||
* python-crypto | * python-crypto | ||
* python-dateutil | * python-dateutil | ||
+ | * python-django | ||
+ | * python-fuse | ||
+ | * python-gmpy | ||
* python-html5lib | * python-html5lib | ||
* python-jinja | * python-jinja | ||
* python-matplotlib | * python-matplotlib | ||
+ | * python-profiler | ||
+ | * python-psyco | ||
+ | * python-pydot | ||
* python-pygame | * python-pygame | ||
* python-pysqlite2 | * python-pysqlite2 | ||
+ | * python-qt4 | ||
+ | * python-sphinx | ||
* python-simplejson | * python-simplejson | ||
* python-scipy | * python-scipy | ||
* python-soappy | * python-soappy | ||
* python-sqlalchemy | * python-sqlalchemy | ||
+ | * python-turbogears | ||
* python-twisted | * python-twisted | ||
+ | * python-visual | ||
+ | * qt4-designer | ||
+ | * r-recommended | ||
+ | * ruby-full | ||
+ | * ruby-gnome2 | ||
+ | * ruby-kde4 | ||
* speedcrunch | * speedcrunch | ||
+ | * splint | ||
* sun-java6-jdk | * sun-java6-jdk | ||
* sun-java6-plugin | * sun-java6-plugin | ||
+ | * tidy | ||
* texlive-full | * texlive-full | ||
* wxmaxima | * wxmaxima | ||
− | === | + | === Command Line === |
+ | * ascii | ||
* ack-grep | * ack-grep | ||
+ | * cadaver | ||
+ | * clusterssh | ||
+ | * cowsay | ||
+ | * curl | ||
+ | * dot2tex | ||
+ | * elinks | ||
+ | * figlet | ||
+ | * fortune-mod | ||
+ | * hping3 | ||
* htop | * htop | ||
+ | * indent | ||
* imagemagick | * imagemagick | ||
+ | * irssi | ||
+ | * links | ||
+ | * links2 | ||
* lftp | * lftp | ||
+ | * lynx | ||
* manpages | * manpages | ||
* moreutils | * moreutils | ||
* mtr-tiny | * mtr-tiny | ||
− | |||
− | |||
* openssl | * openssl | ||
+ | * p7zip-full | ||
+ | * p7zip-rar | ||
+ | * pdfjam | ||
+ | * pdftk | ||
* poppler-utils | * poppler-utils | ||
+ | * pssh | ||
+ | * pwgen | ||
+ | * qemu | ||
* quota | * quota | ||
− | |||
* rsync | * rsync | ||
* screen | * screen | ||
− | * | + | * sl |
+ | * socat | ||
+ | * star | ||
+ | * toilet | ||
* traceroute | * traceroute | ||
* tsocks | * tsocks | ||
+ | * units | ||
* unrar | * unrar | ||
* unzip | * unzip | ||
+ | * w3m | ||
+ | * whois | ||
+ | * zsh | ||
+ | |||
+ | === System === | ||
+ | * alien | ||
+ | * cntlm | ||
+ | * fusedav | ||
+ | * fuseiso | ||
+ | * fusesmb | ||
+ | * ldap-auth-client | ||
+ | * ldap-utils | ||
+ | * ncpfs | ||
+ | * nis | ||
+ | * nfs-common | ||
+ | * openntpd | ||
+ | * openssh-server | ||
+ | * smartmontools | ||
+ | * sshfs | ||
+ | * tmpreaper | ||
* wbritish | * wbritish | ||
− | * | + | |
− | * | + | === Databases === |
+ | * mysql-client | ||
+ | * mysql-doc-5.0 | ||
+ | * libmysqlclient-dev | ||
+ | * libmysql++-dev | ||
+ | * libpg-java | ||
+ | * libpq-dev | ||
+ | * libpqxx-dev | ||
+ | * libsqlite-dev | ||
+ | * php5-mysql | ||
+ | * php5-sqlite | ||
+ | * php5-pgsql | ||
+ | * postgresql-client | ||
+ | * postgresql-doc | ||
+ | * python-mysqldb | ||
+ | * python-psycopg2 | ||
+ | * sqlite3 | ||
+ | * sqlite3-doc | ||
=== Other === | === Other === | ||
Line 152: | Line 392: | ||
* amarok | * amarok | ||
* blender | * blender | ||
+ | * dia | ||
+ | * dwm-tools | ||
+ | * epiphany-browser | ||
* flashplugin-nonfree | * flashplugin-nonfree | ||
+ | * fluxbox | ||
+ | * gajim | ||
* gnumeric | * gnumeric | ||
+ | * gwibber | ||
+ | * impressive | ||
* inkscape | * inkscape | ||
* konsole | * konsole | ||
* konqueror | * konqueror | ||
+ | * konversation | ||
* linuxdcpp | * linuxdcpp | ||
− | * | + | * midori |
* openoffice.org-draw | * openoffice.org-draw | ||
+ | * openoffice.org-pdfimport | ||
+ | * pcmanfm | ||
+ | * pdfedit | ||
+ | * pidgin-plugin-pack | ||
* planner | * planner | ||
+ | * rdesktop | ||
+ | * scribus | ||
+ | * stalonetray | ||
* ubuntu-restricted-extras | * ubuntu-restricted-extras | ||
* wine | * wine | ||
* yakuake | * yakuake | ||
* xchat | * xchat | ||
+ | * xtightvncviewer | ||
+ | * xmonad | ||
+ | |||
+ | === Multimedia === | ||
+ | * ffmpeg | ||
+ | * non-free-codecs | ||
+ | * libavdevice-unstripped-52 | ||
+ | * libavfilter-unstripped-0 | ||
+ | * libavformat-unstripped-52 | ||
+ | * mencoder | ||
+ | * mplayer | ||
+ | * vlc | ||
+ | * youtube-dl | ||
=== Fonts === | === Fonts === | ||
− | |||
* ttf-aenigma | * ttf-aenigma | ||
* ttf-atarismall | * ttf-atarismall | ||
Line 210: | Line 477: | ||
=== Post Install === | === Post Install === | ||
− | Get rid of any MTA. Configure | + | Get rid of: |
+ | |||
+ | * any MTA | ||
+ | * old kernels | ||
+ | * shut down unnecessary services | ||
+ | * Spring clean /etc/xdg/autostart | ||
+ | * Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users. | ||
+ | * rm /etc/hostname | ||
+ | * Remove the 127.0.1.1 line from /etc/hosts | ||
+ | |||
+ | Configure: | ||
+ | * /etc/apt/sources.list | ||
+ | deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted | ||
+ | deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted | ||
+ | deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted | ||
+ | deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free | ||
+ | deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main | ||
+ | * Install | ||
+ | medibuntu-keyring, tsl-desktop | ||
+ | * /etc/openntpd/ntpd.conf | ||
+ | server ntp1.uct.ac.za | ||
+ | server ntp2.uct.ac.za | ||
+ | server ntp3.uct.ac.za | ||
+ | server dreamcoat.che.uct.ac.za | ||
+ | server emperor.che.uct.ac.za | ||
+ | * visudo | ||
+ | Defaults env_reset | ||
+ | root ALL=(ALL) ALL | ||
+ | %admin ALL=(ALL) NOPASSWD: ALL | ||
+ | * /root/.ssh/authorized_keys | ||
+ | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key | ||
+ | * /etc/tmpreaper.conf | ||
+ | SHOWWARNING=false | ||
+ | * /etc/update-manager/meta-release | ||
+ | URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release | ||
+ | URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts | ||
+ | * /etc/apt/apt.conf.d/50unattended-upgrades | ||
+ | Unattended-Upgrade::Allowed-Origins { | ||
+ | "Ubuntu lucid-security"; | ||
+ | "Ubuntu lucid-updates"; | ||
+ | "Ubuntu lucid"; | ||
+ | "Medibuntu lucid"; | ||
+ | "LP-PPA-stefanor-tsl lucid"; | ||
+ | }; | ||
+ | Unattended-Upgrade::Remove-Unused-Dependencies "true"; | ||
+ | Unattended-Upgrade::Automatic-Reboot "true"; | ||
+ | * /etc/grub.d/01_tsl_password | ||
+ | #!/bin/sh | ||
+ | set -e | ||
+ | cat << EOF | ||
+ | set superusers="root" | ||
+ | password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D | ||
+ | EOF | ||
+ | |||
+ | * /etc/nsswitch.conf | ||
+ | passwd: files ldap | ||
+ | group: files ldap | ||
+ | shadow: files ldap | ||
+ | * /etc/fstab: | ||
+ | tsl.uct.ac.za:/home /home nfs rw,sync 0 0 | ||
+ | * /etc/ldap.conf: | ||
+ | base dc=tsl,dc=uct,dc=ac,dc=za | ||
+ | uri ldaps://tsl.uct.ac.za/ | ||
+ | ldap_version 3 | ||
+ | pam_password md5 | ||
+ | tls_checkpeer no | ||
+ | * /etc/security/group.conf | ||
+ | *;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse | ||
+ | * /etc/firefox-3.[05]/pref/firefox.js | ||
+ | // UCT Proxy | ||
+ | pref("network.proxy.autoconfig_url", "http://www.uct.ac.za/cache.pac"); | ||
+ | pref("network.proxy.type", 2); | ||
+ | pref("browser.cache.disk.capacity", 3000); | ||
+ | * /etc/firefox-3.[05]/pref/ubufox.js | ||
+ | pref("browser.startup.homepage", "file:/etc/firefox-homepage.properties"); | ||
+ | * /etc/firefox-homepage.properties | ||
+ | browser.startup.homepage=http://www.tsl.uct.ac.za/ | ||
+ | * /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml | ||
+ | <nowiki><?xml version="1.0"?> | ||
+ | <gconf> | ||
+ | <dir name="apps"> | ||
+ | <dir name="nautilus"> | ||
+ | <dir name="preferences"> | ||
+ | <entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | <dir name="gdm"> | ||
+ | <dir name="simple-greeter"> | ||
+ | <entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/> | ||
+ | <entry name="banner_message_text" mtime="1268226887" type="string"> | ||
+ | <stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue> | ||
+ | </entry> | ||
+ | <entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | <dir name="desktop"> | ||
+ | <dir name="gnome"> | ||
+ | <dir name="applications"> | ||
+ | <dir name="window_manager"> | ||
+ | <entry name="default" mtime="1252403218" type="string"> | ||
+ | <stringvalue>/usr/bin/metacity</stringvalue> | ||
+ | </entry> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | <dir name="system"> | ||
+ | <dir name="http_proxy"> | ||
+ | <entry name="ignore_hosts" mtime="1252519008" type="list" ltype="string"> | ||
+ | <li type="string"> | ||
+ | <stringvalue>localhost</stringvalue> | ||
+ | </li> | ||
+ | <li type="string"> | ||
+ | <stringvalue>127.0.0.0/8</stringvalue> | ||
+ | </li> | ||
+ | <li type="string"> | ||
+ | <stringvalue>*.local</stringvalue> | ||
+ | </li> | ||
+ | <li type="string"> | ||
+ | <stringvalue>137.158.0.0/16</stringvalue> | ||
+ | </li> | ||
+ | <li type="string"> | ||
+ | <stringvalue>*.uct.ac.za</stringvalue> | ||
+ | </li> | ||
+ | </entry> | ||
+ | <entry name="host" mtime="1252518985" type="string"> | ||
+ | <stringvalue>localhost</stringvalue> | ||
+ | </entry> | ||
+ | <entry name="use_http_proxy" mtime="1252519071" type="bool" value="true"/> | ||
+ | </dir> | ||
+ | <dir name="proxy"> | ||
+ | <entry name="secure_port" mtime="1252518992" type="int" value="8080"/> | ||
+ | <entry name="secure_host" mtime="1252518987" type="string"> | ||
+ | <stringvalue>localhost</stringvalue> | ||
+ | </entry> | ||
+ | <entry name="mode" mtime="1252518982" type="string"> | ||
+ | <stringvalue>manual</stringvalue> | ||
+ | </entry> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | </gconf> | ||
+ | </nowiki> | ||
+ | * chmod 500 /var/lib/gdm/.gconf | ||
+ | * /var/lib/gdm/.gconf.path | ||
+ | # treat system-wide settings as mandatory | ||
+ | xml:readonly:/etc/gconf/gconf.xml.system | ||
+ | |||
+ | # override some settings | ||
+ | # we treat settings in this location as | ||
+ | # owned by GDM. Sysadmins should create | ||
+ | # another source if they wish to override them. | ||
+ | xml:readonly:$(HOME)/.gconf.mandatory | ||
+ | |||
+ | # distribution default values | ||
+ | xml:readonly:$(HOME)/.gconf.defaults | ||
+ | * /etc/cntlm.conf | ||
+ | Domain WF | ||
+ | Proxy campusnet.uct.ac.za:8080 | ||
+ | Listen 8080 | ||
+ | NTLMToBasic yes | ||
+ | |||
+ | === Pre-imaging === | ||
+ | |||
+ | * Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules | ||
+ | * A bunch of other useful things to remove: http://live.debian.net/gitweb?p=live-build.git;a=blob;f=scripts/build/lb_chroot_hacks |
Latest revision as of 16:10, 12 October 2011
TSL Todo list
- Set BIOS passwords
- Lock down network ports (MAC address)
- Install replaced / fixed computers
- Roll out Karmic
Current problems
- Power Sockets
- pc44
- Security Lug on PC
- pc44
- Low Memory (256M)
- pc55
- Bad HDD / BIOS
- pc84
- BIOS Locked
- pc79
Known Unreliable machines
- pc59
- Unknown (2 Oct 2009)
- pc09
- Bad network card, sensitive to cable position (2 Oct 2009)
- pc69
- Thermal event (9 Oct 2009)
- pc07
- BIOS Battery? (9 Oct 2009)
- pc21
- BIOS Battery? (9 Oct 2009)
- pc76
- Cold boot reqd (16 Oct 2009)
- pc46
- Broken facade (16 Oct 2009)
- pc16
- BIOS Battery? (16 Oct 2009)
- pc56
- Lock cable doesn't pass through loop
Row 1
- Working
- 6
- Power
- pc48
- No Power button
- pc to the left of it
Row 2
- Working
- 7
- Missing
- 1
Row 3
- Working
- 8
Row 4
- Working
- 8
Row 5
- Working
- 4
- Missing
- 2
- Dead HDD
- pc77
- Mouse cut
- pc82
- VGA cut
- pc-missing
Row 6
- Working
- 3
- Missing
- 1
- All cables need tying
Long Row 1
(by windows)
- Working
- 16
- Missing
- 0
- No flylead
- pc02
- Lock doesn't attach pc to desk
- pc31
Long Row 2
- Working
- 15
- Missing
- 1
- Dusty
- pc30
- No power button
- next to pc40
Wishlist for next rollout
Image
Paste the source of the following into:
sed -ne 's/^* // p' | tr '\n' ' '; echo
to get a list you can install
Not available in Karmic, but wanted in future
- eclipse-cdt
- eclipse-pydev
- dillo
- trayer
Games
- bsdgames
- bzflag
- dosbox
- einstein
- frozen-bubble
- gnome-games
- gtetrinet
- kobodeluxe
- neverball
- nexuiz
- openarena
- openttd
- pingus
- scummvm
- teeworlds
- tetrinet-client
- wesnoth
- wormux
- xmoto
Themes
- arc-colors
- community-themes
- gdm-themes
- gnome-backgrounds
- gnome-colors
- gnome-themes
- gnome-themes-extras
- gnome-themes-more
- metacity-themes
- shiki-colors
Editors
- anjuta
- bluefish
- codeblocks
- eclipse
- eclipse-cdt
- eclipse-pydev
- emacs
- emacs-snapshot
- emacs-goodies-el
- eric
- geany
- idle
- idle-python2.5
- idle3
- joe
- kate
- kdevelop
- lyx
- monodevelop
- monodevelop-java
- netbeans
- scite
- spe
- vim-gtk
- vim-nox
- vim-latexsuite
- vim-vimoutliner
- xemacs21
Docs
- ant-doc
- apache2-doc
- aspell-doc
- autoconf-doc
- automake1.9-doc
- bash-doc
- cdrkit-doc
- ddd-doc
- devhelp
- diveintopython
- doxygen-doc
- flex-doc
- gawk-doc
- gcc-doc
- gdb-doc
- git-doc
- glut-doc
- gmp-doc
- gnuplot-doc
- graphviz-doc
- gtkmm-documentation
- haskell-doc
- jlint-doc
- libboost-doc
- manpages-dev
- octave-doc
- perl-doc
- php-doc
- python-doc
- python-matplotlib-doc
- python-numpy-doc
- python-qt4-doc
- qt4-doc
- r-doc-html
- rubybook
- splint-doc-html
- stl-manual
- sun-java6-doc
- tidy-doc
- xchm
- zsh-doc
Version Control
- cvs
- bzr
- bzr-gtk
- bzr-svn
- bzrtools
- darcs
- git-core
- meld
- mercurial
- subversion
- subversion-tools
- svk
Debugging
- ddd
- d-feet
- lsof
- ltrace
- strace
- valgrind
Programming
- ant
- ant-optional
- bicyclerepair
- bison
- bpython
- bsh
- build-essential
- clisp
- cmake
- csstidy
- devscripts
- dh-make
- docbook
- flex
- freeglut3-dev
- fpc
- gcc-4.1
- gdc
- g++-4.1
- gengetopt
- ghc
- gnome-devel
- gnuplot
- graphviz
- ipython
- jlint
- kiki
- libboost-dev
- libcurl4-openssl-dev
- libghc6-xmonad-dev
- libgtkmm-2.4-dev
- libphobos-4.2-dev
- libqt4-dev
- libqwt-dev
- libsdl-console-dev
- libsdl-dev
- libsdl-gfx1.2-dev
- libsdl-image1.2-dev
- libsdl-mixer1.2-dev
- libsdl-net1.2-dev
- libsdl-pango-dev
- libsdl-sound1.2-dev
- libsdl-stretch-dev
- libsdl-ttf2.0-dev
- linklint
- malbolge
- mesa-utils
- mono-debugger
- octave
- perltidy
- php5-cli
- php5-tidy
- posh
- pyflakes
- pylint
- python3
- python-all-dev
- python-beautifulsoup
- python-celementtree
- python-configobj
- python-crypto
- python-dateutil
- python-django
- python-fuse
- python-gmpy
- python-html5lib
- python-jinja
- python-matplotlib
- python-profiler
- python-psyco
- python-pydot
- python-pygame
- python-pysqlite2
- python-qt4
- python-sphinx
- python-simplejson
- python-scipy
- python-soappy
- python-sqlalchemy
- python-turbogears
- python-twisted
- python-visual
- qt4-designer
- r-recommended
- ruby-full
- ruby-gnome2
- ruby-kde4
- speedcrunch
- splint
- sun-java6-jdk
- sun-java6-plugin
- tidy
- texlive-full
- wxmaxima
Command Line
- ascii
- ack-grep
- cadaver
- clusterssh
- cowsay
- curl
- dot2tex
- elinks
- figlet
- fortune-mod
- hping3
- htop
- indent
- imagemagick
- irssi
- links
- links2
- lftp
- lynx
- manpages
- moreutils
- mtr-tiny
- openssl
- p7zip-full
- p7zip-rar
- pdfjam
- pdftk
- poppler-utils
- pssh
- pwgen
- qemu
- quota
- rsync
- screen
- sl
- socat
- star
- toilet
- traceroute
- tsocks
- units
- unrar
- unzip
- w3m
- whois
- zsh
System
- alien
- cntlm
- fusedav
- fuseiso
- fusesmb
- ldap-auth-client
- ldap-utils
- ncpfs
- nis
- nfs-common
- openntpd
- openssh-server
- smartmontools
- sshfs
- tmpreaper
- wbritish
Databases
- mysql-client
- mysql-doc-5.0
- libmysqlclient-dev
- libmysql++-dev
- libpg-java
- libpq-dev
- libpqxx-dev
- libsqlite-dev
- php5-mysql
- php5-sqlite
- php5-pgsql
- postgresql-client
- postgresql-doc
- python-mysqldb
- python-psycopg2
- sqlite3
- sqlite3-doc
Other
- abiword
- amarok
- blender
- dia
- dwm-tools
- epiphany-browser
- flashplugin-nonfree
- fluxbox
- gajim
- gnumeric
- gwibber
- impressive
- inkscape
- konsole
- konqueror
- konversation
- linuxdcpp
- midori
- openoffice.org-draw
- openoffice.org-pdfimport
- pcmanfm
- pdfedit
- pidgin-plugin-pack
- planner
- rdesktop
- scribus
- stalonetray
- ubuntu-restricted-extras
- wine
- yakuake
- xchat
- xtightvncviewer
- xmonad
Multimedia
- ffmpeg
- non-free-codecs
- libavdevice-unstripped-52
- libavfilter-unstripped-0
- libavformat-unstripped-52
- mencoder
- mplayer
- vlc
- youtube-dl
Fonts
- ttf-aenigma
- ttf-atarismall
- ttf-beteckna
- ttf-breip
- ttf-droid
- ttf-dustin
- ttf-ecolier-court
- ttf-ecolier-lignes-court
- ttf-engadget
- ttf-essays1743
- ttf-f500
- ttf-fifthhorseman-dkg-handwriting
- ttf-georgewilliams
- ttf-goudybookletter
- ttf-inconsolata
- ttf-isabella
- ttf-jsmath
- ttf-junicode
- ttf-konatu
- ttf-larabie-deco
- ttf-larabie-straight
- ttf-larabie-uncommon
- ttf-linux-libertine
- ttf-marvosym
- ttf-mscorefonts-installer
- ttf-ocr-a
- ttf-oflb-asana-math
- ttf-oflb-euterpe
- ttf-radisnoir
- ttf-sil-gentium
- ttf-sil-gentium-basic
- ttf-sjfonts
- ttf-staypuft
- ttf-summersby
- ttf-tomsontalks
- ttf-tuffy
- ttf-ubuntu-title
- ttf-unifont
- ttf-xfree86-nonfree
Post Install
Get rid of:
- any MTA
- old kernels
- shut down unnecessary services
- Spring clean /etc/xdg/autostart
- Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users.
- rm /etc/hostname
- Remove the 127.0.1.1 line from /etc/hosts
Configure:
- /etc/apt/sources.list
deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main
- Install
medibuntu-keyring, tsl-desktop
- /etc/openntpd/ntpd.conf
server ntp1.uct.ac.za server ntp2.uct.ac.za server ntp3.uct.ac.za server dreamcoat.che.uct.ac.za server emperor.che.uct.ac.za
- visudo
Defaults env_reset root ALL=(ALL) ALL %admin ALL=(ALL) NOPASSWD: ALL
- /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key
- /etc/tmpreaper.conf
SHOWWARNING=false
- /etc/update-manager/meta-release
URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
- /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Allowed-Origins { "Ubuntu lucid-security"; "Ubuntu lucid-updates"; "Ubuntu lucid"; "Medibuntu lucid"; "LP-PPA-stefanor-tsl lucid"; }; Unattended-Upgrade::Remove-Unused-Dependencies "true"; Unattended-Upgrade::Automatic-Reboot "true";
- /etc/grub.d/01_tsl_password
#!/bin/sh set -e cat << EOF set superusers="root" password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D EOF
- /etc/nsswitch.conf
passwd: files ldap group: files ldap shadow: files ldap
- /etc/fstab:
tsl.uct.ac.za:/home /home nfs rw,sync 0 0
- /etc/ldap.conf:
base dc=tsl,dc=uct,dc=ac,dc=za uri ldaps://tsl.uct.ac.za/ ldap_version 3 pam_password md5 tls_checkpeer no
- /etc/security/group.conf
*;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse
- /etc/firefox-3.[05]/pref/firefox.js
// UCT Proxy pref("network.proxy.autoconfig_url", "http://www.uct.ac.za/cache.pac"); pref("network.proxy.type", 2); pref("browser.cache.disk.capacity", 3000);
- /etc/firefox-3.[05]/pref/ubufox.js
pref("browser.startup.homepage", "file:/etc/firefox-homepage.properties");
- /etc/firefox-homepage.properties
browser.startup.homepage=http://www.tsl.uct.ac.za/
- /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
<?xml version="1.0"?> <gconf> <dir name="apps"> <dir name="nautilus"> <dir name="preferences"> <entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/> </dir> </dir> <dir name="gdm"> <dir name="simple-greeter"> <entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/> <entry name="banner_message_text" mtime="1268226887" type="string"> <stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue> </entry> <entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/> </dir> </dir> </dir> <dir name="desktop"> <dir name="gnome"> <dir name="applications"> <dir name="window_manager"> <entry name="default" mtime="1252403218" type="string"> <stringvalue>/usr/bin/metacity</stringvalue> </entry> </dir> </dir> </dir> </dir> <dir name="system"> <dir name="http_proxy"> <entry name="ignore_hosts" mtime="1252519008" type="list" ltype="string"> <li type="string"> <stringvalue>localhost</stringvalue> </li> <li type="string"> <stringvalue>127.0.0.0/8</stringvalue> </li> <li type="string"> <stringvalue>*.local</stringvalue> </li> <li type="string"> <stringvalue>137.158.0.0/16</stringvalue> </li> <li type="string"> <stringvalue>*.uct.ac.za</stringvalue> </li> </entry> <entry name="host" mtime="1252518985" type="string"> <stringvalue>localhost</stringvalue> </entry> <entry name="use_http_proxy" mtime="1252519071" type="bool" value="true"/> </dir> <dir name="proxy"> <entry name="secure_port" mtime="1252518992" type="int" value="8080"/> <entry name="secure_host" mtime="1252518987" type="string"> <stringvalue>localhost</stringvalue> </entry> <entry name="mode" mtime="1252518982" type="string"> <stringvalue>manual</stringvalue> </entry> </dir> </dir> </gconf>
- chmod 500 /var/lib/gdm/.gconf
- /var/lib/gdm/.gconf.path
# treat system-wide settings as mandatory xml:readonly:/etc/gconf/gconf.xml.system # override some settings # we treat settings in this location as # owned by GDM. Sysadmins should create # another source if they wish to override them. xml:readonly:$(HOME)/.gconf.mandatory # distribution default values xml:readonly:$(HOME)/.gconf.defaults
- /etc/cntlm.conf
Domain WF Proxy campusnet.uct.ac.za:8080 Listen 8080 NTLMToBasic yes
Pre-imaging
- Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules
- A bunch of other useful things to remove: http://live.debian.net/gitweb?p=live-build.git;a=blob;f=scripts/build/lb_chroot_hacks