Difference between revisions of "TSL"
From Department of Computer Science
(65 has network issue) |
|||
(66 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
== TSL Todo list == | == TSL Todo list == | ||
− | * | + | * Set BIOS passwords |
− | + | * Lock down network ports (MAC address) | |
− | * | ||
− | |||
* Install replaced / fixed computers | * Install replaced / fixed computers | ||
+ | * Roll out Karmic | ||
== Current problems == | == Current problems == | ||
− | ; | + | ; Power Sockets: pc44 |
− | ;Power | + | ; Security Lug on PC: pc44 |
− | ; | + | ; Low Memory (256M): pc55 |
+ | ; Bad HDD / BIOS: pc84 | ||
+ | ; BIOS Locked: pc79 | ||
+ | |||
+ | === Known Unreliable machines === | ||
+ | ; pc59: Unknown (2 Oct 2009) | ||
+ | ; pc09: Bad network card, sensitive to cable position (2 Oct 2009) | ||
+ | ; pc69: Thermal event (9 Oct 2009) | ||
+ | ; pc07: BIOS Battery? (9 Oct 2009) | ||
+ | ; pc21: BIOS Battery? (9 Oct 2009) | ||
+ | ; pc76: Cold boot reqd (16 Oct 2009) | ||
+ | ; pc46: Broken facade (16 Oct 2009) | ||
+ | ; pc16: BIOS Battery? (16 Oct 2009) | ||
+ | ; pc56: Lock cable doesn't pass through loop | ||
+ | |||
+ | === Row 1 === | ||
+ | ;Working: 6 | ||
+ | ;Power: pc48 | ||
+ | ;No Power button: pc to the left of it | ||
+ | |||
+ | === Row 2 === | ||
+ | ; Working: 7 | ||
+ | ; Missing: 1 | ||
+ | |||
+ | === Row 3 === | ||
+ | ; Working: 8 | ||
+ | |||
+ | === Row 4 === | ||
+ | ; Working: 8 | ||
+ | |||
+ | === Row 5 === | ||
+ | ; Working: 4 | ||
+ | ; Missing: 2 | ||
+ | ; Dead HDD: pc77 | ||
+ | ; Mouse cut: pc82 | ||
+ | ; VGA cut: pc-missing | ||
+ | |||
+ | === Row 6 === | ||
+ | ; Working: 3 | ||
+ | ; Missing: 1 | ||
+ | ; All cables need tying | ||
+ | |||
+ | === Long Row 1 === | ||
+ | (by windows) | ||
+ | ; Working: 16 | ||
+ | ; Missing: 0 | ||
+ | ; No flylead: pc02 | ||
+ | ; Lock doesn't attach pc to desk: pc31 | ||
+ | |||
+ | === Long Row 2 === | ||
+ | ; Working: 15 | ||
+ | ; Missing: 1 | ||
+ | ; Dusty: pc30 | ||
+ | ; No power button: next to pc40 | ||
== Wishlist for next rollout == | == Wishlist for next rollout == | ||
− | |||
== Image == | == Image == | ||
Line 21: | Line 72: | ||
to get a list you can install | to get a list you can install | ||
+ | |||
+ | === Not available in Karmic, but wanted in future === | ||
+ | * eclipse-cdt | ||
+ | * eclipse-pydev | ||
+ | * dillo | ||
+ | * trayer | ||
=== Games === | === Games === | ||
Line 32: | Line 89: | ||
* kobodeluxe | * kobodeluxe | ||
* neverball | * neverball | ||
+ | * nexuiz | ||
* openarena | * openarena | ||
* openttd | * openttd | ||
Line 41: | Line 99: | ||
* wormux | * wormux | ||
* xmoto | * xmoto | ||
+ | |||
+ | === Themes === | ||
+ | * arc-colors | ||
+ | * community-themes | ||
+ | * gdm-themes | ||
+ | * gnome-backgrounds | ||
+ | * gnome-colors | ||
+ | * gnome-themes | ||
+ | * gnome-themes-extras | ||
+ | * gnome-themes-more | ||
+ | * metacity-themes | ||
+ | * shiki-colors | ||
=== Editors === | === Editors === | ||
Line 51: | Line 121: | ||
* emacs | * emacs | ||
* emacs-snapshot | * emacs-snapshot | ||
+ | * emacs-goodies-el | ||
* eric | * eric | ||
* geany | * geany | ||
Line 65: | Line 136: | ||
* scite | * scite | ||
* spe | * spe | ||
− | * vim- | + | * vim-gtk |
+ | * vim-nox | ||
+ | * vim-latexsuite | ||
+ | * vim-vimoutliner | ||
* xemacs21 | * xemacs21 | ||
Line 93: | Line 167: | ||
* jlint-doc | * jlint-doc | ||
* libboost-doc | * libboost-doc | ||
− | |||
* manpages-dev | * manpages-dev | ||
* octave-doc | * octave-doc | ||
Line 146: | Line 219: | ||
* csstidy | * csstidy | ||
* devscripts | * devscripts | ||
+ | * dh-make | ||
* docbook | * docbook | ||
* flex | * flex | ||
Line 202: | Line 276: | ||
* python-jinja | * python-jinja | ||
* python-matplotlib | * python-matplotlib | ||
+ | * python-profiler | ||
+ | * python-psyco | ||
* python-pydot | * python-pydot | ||
* python-pygame | * python-pygame | ||
Line 230: | Line 306: | ||
* ascii | * ascii | ||
* ack-grep | * ack-grep | ||
+ | * cadaver | ||
* clusterssh | * clusterssh | ||
* cowsay | * cowsay | ||
Line 316: | Line 393: | ||
* blender | * blender | ||
* dia | * dia | ||
− | * | + | * dwm-tools |
* epiphany-browser | * epiphany-browser | ||
− | |||
* flashplugin-nonfree | * flashplugin-nonfree | ||
* fluxbox | * fluxbox | ||
Line 333: | Line 409: | ||
* openoffice.org-draw | * openoffice.org-draw | ||
* openoffice.org-pdfimport | * openoffice.org-pdfimport | ||
+ | * pcmanfm | ||
* pdfedit | * pdfedit | ||
* pidgin-plugin-pack | * pidgin-plugin-pack | ||
Line 338: | Line 415: | ||
* rdesktop | * rdesktop | ||
* scribus | * scribus | ||
+ | * stalonetray | ||
* ubuntu-restricted-extras | * ubuntu-restricted-extras | ||
* wine | * wine | ||
Line 357: | Line 435: | ||
=== Fonts === | === Fonts === | ||
− | |||
* ttf-aenigma | * ttf-aenigma | ||
* ttf-atarismall | * ttf-atarismall | ||
Line 404: | Line 481: | ||
* any MTA | * any MTA | ||
* old kernels | * old kernels | ||
− | |||
* shut down unnecessary services | * shut down unnecessary services | ||
* Spring clean /etc/xdg/autostart | * Spring clean /etc/xdg/autostart | ||
Line 413: | Line 489: | ||
Configure: | Configure: | ||
* /etc/apt/sources.list | * /etc/apt/sources.list | ||
− | deb http://ftp.leg.uct.ac.za/ | + | deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted |
− | deb http://ftp.leg.uct.ac.za | + | deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted |
− | deb http://ftp.leg.uct.ac.za/pub/linux/medibuntu | + | deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted |
+ | deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free | ||
+ | deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main | ||
+ | * Install | ||
+ | medibuntu-keyring, tsl-desktop | ||
* /etc/openntpd/ntpd.conf | * /etc/openntpd/ntpd.conf | ||
server ntp1.uct.ac.za | server ntp1.uct.ac.za | ||
Line 422: | Line 502: | ||
server dreamcoat.che.uct.ac.za | server dreamcoat.che.uct.ac.za | ||
server emperor.che.uct.ac.za | server emperor.che.uct.ac.za | ||
+ | * visudo | ||
+ | Defaults env_reset | ||
+ | root ALL=(ALL) ALL | ||
+ | %admin ALL=(ALL) NOPASSWD: ALL | ||
+ | * /root/.ssh/authorized_keys | ||
+ | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key | ||
* /etc/tmpreaper.conf | * /etc/tmpreaper.conf | ||
SHOWWARNING=false | SHOWWARNING=false | ||
− | |||
− | |||
− | |||
− | |||
* /etc/update-manager/meta-release | * /etc/update-manager/meta-release | ||
URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release | URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release | ||
URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts | URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts | ||
− | * /etc/ | + | * /etc/apt/apt.conf.d/50unattended-upgrades |
− | + | Unattended-Upgrade::Allowed-Origins { | |
+ | "Ubuntu lucid-security"; | ||
+ | "Ubuntu lucid-updates"; | ||
+ | "Ubuntu lucid"; | ||
+ | "Medibuntu lucid"; | ||
+ | "LP-PPA-stefanor-tsl lucid"; | ||
+ | }; | ||
+ | Unattended-Upgrade::Remove-Unused-Dependencies "true"; | ||
+ | Unattended-Upgrade::Automatic-Reboot "true"; | ||
+ | * /etc/grub.d/01_tsl_password | ||
+ | #!/bin/sh | ||
+ | set -e | ||
+ | cat << EOF | ||
+ | set superusers="root" | ||
+ | password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D | ||
+ | EOF | ||
+ | |||
* /etc/nsswitch.conf | * /etc/nsswitch.conf | ||
− | passwd: | + | passwd: files ldap |
− | group: | + | group: files ldap |
− | shadow: | + | shadow: files ldap |
* /etc/fstab: | * /etc/fstab: | ||
tsl.uct.ac.za:/home /home nfs rw,sync 0 0 | tsl.uct.ac.za:/home /home nfs rw,sync 0 0 | ||
* /etc/ldap.conf: | * /etc/ldap.conf: | ||
− | + | base dc=tsl,dc=uct,dc=ac,dc=za | |
− | + | uri ldaps://tsl.uct.ac.za/ | |
− | + | ldap_version 3 | |
− | + | pam_password md5 | |
− | pam_password | ||
tls_checkpeer no | tls_checkpeer no | ||
* /etc/security/group.conf | * /etc/security/group.conf | ||
Line 457: | Line 554: | ||
* /etc/firefox-homepage.properties | * /etc/firefox-homepage.properties | ||
browser.startup.homepage=http://www.tsl.uct.ac.za/ | browser.startup.homepage=http://www.tsl.uct.ac.za/ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
* /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml | * /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml | ||
<nowiki><?xml version="1.0"?> | <nowiki><?xml version="1.0"?> | ||
Line 480: | Line 561: | ||
<dir name="preferences"> | <dir name="preferences"> | ||
<entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/> | <entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/> | ||
+ | </dir> | ||
+ | </dir> | ||
+ | <dir name="gdm"> | ||
+ | <dir name="simple-greeter"> | ||
+ | <entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/> | ||
+ | <entry name="banner_message_text" mtime="1268226887" type="string"> | ||
+ | <stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue> | ||
+ | </entry> | ||
+ | <entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/> | ||
</dir> | </dir> | ||
</dir> | </dir> | ||
Line 530: | Line 620: | ||
</gconf> | </gconf> | ||
</nowiki> | </nowiki> | ||
+ | * chmod 500 /var/lib/gdm/.gconf | ||
+ | * /var/lib/gdm/.gconf.path | ||
+ | # treat system-wide settings as mandatory | ||
+ | xml:readonly:/etc/gconf/gconf.xml.system | ||
+ | |||
+ | # override some settings | ||
+ | # we treat settings in this location as | ||
+ | # owned by GDM. Sysadmins should create | ||
+ | # another source if they wish to override them. | ||
+ | xml:readonly:$(HOME)/.gconf.mandatory | ||
+ | |||
+ | # distribution default values | ||
+ | xml:readonly:$(HOME)/.gconf.defaults | ||
* /etc/cntlm.conf | * /etc/cntlm.conf | ||
Domain WF | Domain WF | ||
Line 535: | Line 638: | ||
Listen 8080 | Listen 8080 | ||
NTLMToBasic yes | NTLMToBasic yes | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
=== Pre-imaging === | === Pre-imaging === | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
* Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules | * Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules | ||
+ | * A bunch of other useful things to remove: http://live.debian.net/gitweb?p=live-build.git;a=blob;f=scripts/build/lb_chroot_hacks |
Latest revision as of 16:10, 12 October 2011
TSL Todo list
- Set BIOS passwords
- Lock down network ports (MAC address)
- Install replaced / fixed computers
- Roll out Karmic
Current problems
- Power Sockets
- pc44
- Security Lug on PC
- pc44
- Low Memory (256M)
- pc55
- Bad HDD / BIOS
- pc84
- BIOS Locked
- pc79
Known Unreliable machines
- pc59
- Unknown (2 Oct 2009)
- pc09
- Bad network card, sensitive to cable position (2 Oct 2009)
- pc69
- Thermal event (9 Oct 2009)
- pc07
- BIOS Battery? (9 Oct 2009)
- pc21
- BIOS Battery? (9 Oct 2009)
- pc76
- Cold boot reqd (16 Oct 2009)
- pc46
- Broken facade (16 Oct 2009)
- pc16
- BIOS Battery? (16 Oct 2009)
- pc56
- Lock cable doesn't pass through loop
Row 1
- Working
- 6
- Power
- pc48
- No Power button
- pc to the left of it
Row 2
- Working
- 7
- Missing
- 1
Row 3
- Working
- 8
Row 4
- Working
- 8
Row 5
- Working
- 4
- Missing
- 2
- Dead HDD
- pc77
- Mouse cut
- pc82
- VGA cut
- pc-missing
Row 6
- Working
- 3
- Missing
- 1
- All cables need tying
Long Row 1
(by windows)
- Working
- 16
- Missing
- 0
- No flylead
- pc02
- Lock doesn't attach pc to desk
- pc31
Long Row 2
- Working
- 15
- Missing
- 1
- Dusty
- pc30
- No power button
- next to pc40
Wishlist for next rollout
Image
Paste the source of the following into:
sed -ne 's/^* // p' | tr '\n' ' '; echo
to get a list you can install
Not available in Karmic, but wanted in future
- eclipse-cdt
- eclipse-pydev
- dillo
- trayer
Games
- bsdgames
- bzflag
- dosbox
- einstein
- frozen-bubble
- gnome-games
- gtetrinet
- kobodeluxe
- neverball
- nexuiz
- openarena
- openttd
- pingus
- scummvm
- teeworlds
- tetrinet-client
- wesnoth
- wormux
- xmoto
Themes
- arc-colors
- community-themes
- gdm-themes
- gnome-backgrounds
- gnome-colors
- gnome-themes
- gnome-themes-extras
- gnome-themes-more
- metacity-themes
- shiki-colors
Editors
- anjuta
- bluefish
- codeblocks
- eclipse
- eclipse-cdt
- eclipse-pydev
- emacs
- emacs-snapshot
- emacs-goodies-el
- eric
- geany
- idle
- idle-python2.5
- idle3
- joe
- kate
- kdevelop
- lyx
- monodevelop
- monodevelop-java
- netbeans
- scite
- spe
- vim-gtk
- vim-nox
- vim-latexsuite
- vim-vimoutliner
- xemacs21
Docs
- ant-doc
- apache2-doc
- aspell-doc
- autoconf-doc
- automake1.9-doc
- bash-doc
- cdrkit-doc
- ddd-doc
- devhelp
- diveintopython
- doxygen-doc
- flex-doc
- gawk-doc
- gcc-doc
- gdb-doc
- git-doc
- glut-doc
- gmp-doc
- gnuplot-doc
- graphviz-doc
- gtkmm-documentation
- haskell-doc
- jlint-doc
- libboost-doc
- manpages-dev
- octave-doc
- perl-doc
- php-doc
- python-doc
- python-matplotlib-doc
- python-numpy-doc
- python-qt4-doc
- qt4-doc
- r-doc-html
- rubybook
- splint-doc-html
- stl-manual
- sun-java6-doc
- tidy-doc
- xchm
- zsh-doc
Version Control
- cvs
- bzr
- bzr-gtk
- bzr-svn
- bzrtools
- darcs
- git-core
- meld
- mercurial
- subversion
- subversion-tools
- svk
Debugging
- ddd
- d-feet
- lsof
- ltrace
- strace
- valgrind
Programming
- ant
- ant-optional
- bicyclerepair
- bison
- bpython
- bsh
- build-essential
- clisp
- cmake
- csstidy
- devscripts
- dh-make
- docbook
- flex
- freeglut3-dev
- fpc
- gcc-4.1
- gdc
- g++-4.1
- gengetopt
- ghc
- gnome-devel
- gnuplot
- graphviz
- ipython
- jlint
- kiki
- libboost-dev
- libcurl4-openssl-dev
- libghc6-xmonad-dev
- libgtkmm-2.4-dev
- libphobos-4.2-dev
- libqt4-dev
- libqwt-dev
- libsdl-console-dev
- libsdl-dev
- libsdl-gfx1.2-dev
- libsdl-image1.2-dev
- libsdl-mixer1.2-dev
- libsdl-net1.2-dev
- libsdl-pango-dev
- libsdl-sound1.2-dev
- libsdl-stretch-dev
- libsdl-ttf2.0-dev
- linklint
- malbolge
- mesa-utils
- mono-debugger
- octave
- perltidy
- php5-cli
- php5-tidy
- posh
- pyflakes
- pylint
- python3
- python-all-dev
- python-beautifulsoup
- python-celementtree
- python-configobj
- python-crypto
- python-dateutil
- python-django
- python-fuse
- python-gmpy
- python-html5lib
- python-jinja
- python-matplotlib
- python-profiler
- python-psyco
- python-pydot
- python-pygame
- python-pysqlite2
- python-qt4
- python-sphinx
- python-simplejson
- python-scipy
- python-soappy
- python-sqlalchemy
- python-turbogears
- python-twisted
- python-visual
- qt4-designer
- r-recommended
- ruby-full
- ruby-gnome2
- ruby-kde4
- speedcrunch
- splint
- sun-java6-jdk
- sun-java6-plugin
- tidy
- texlive-full
- wxmaxima
Command Line
- ascii
- ack-grep
- cadaver
- clusterssh
- cowsay
- curl
- dot2tex
- elinks
- figlet
- fortune-mod
- hping3
- htop
- indent
- imagemagick
- irssi
- links
- links2
- lftp
- lynx
- manpages
- moreutils
- mtr-tiny
- openssl
- p7zip-full
- p7zip-rar
- pdfjam
- pdftk
- poppler-utils
- pssh
- pwgen
- qemu
- quota
- rsync
- screen
- sl
- socat
- star
- toilet
- traceroute
- tsocks
- units
- unrar
- unzip
- w3m
- whois
- zsh
System
- alien
- cntlm
- fusedav
- fuseiso
- fusesmb
- ldap-auth-client
- ldap-utils
- ncpfs
- nis
- nfs-common
- openntpd
- openssh-server
- smartmontools
- sshfs
- tmpreaper
- wbritish
Databases
- mysql-client
- mysql-doc-5.0
- libmysqlclient-dev
- libmysql++-dev
- libpg-java
- libpq-dev
- libpqxx-dev
- libsqlite-dev
- php5-mysql
- php5-sqlite
- php5-pgsql
- postgresql-client
- postgresql-doc
- python-mysqldb
- python-psycopg2
- sqlite3
- sqlite3-doc
Other
- abiword
- amarok
- blender
- dia
- dwm-tools
- epiphany-browser
- flashplugin-nonfree
- fluxbox
- gajim
- gnumeric
- gwibber
- impressive
- inkscape
- konsole
- konqueror
- konversation
- linuxdcpp
- midori
- openoffice.org-draw
- openoffice.org-pdfimport
- pcmanfm
- pdfedit
- pidgin-plugin-pack
- planner
- rdesktop
- scribus
- stalonetray
- ubuntu-restricted-extras
- wine
- yakuake
- xchat
- xtightvncviewer
- xmonad
Multimedia
- ffmpeg
- non-free-codecs
- libavdevice-unstripped-52
- libavfilter-unstripped-0
- libavformat-unstripped-52
- mencoder
- mplayer
- vlc
- youtube-dl
Fonts
- ttf-aenigma
- ttf-atarismall
- ttf-beteckna
- ttf-breip
- ttf-droid
- ttf-dustin
- ttf-ecolier-court
- ttf-ecolier-lignes-court
- ttf-engadget
- ttf-essays1743
- ttf-f500
- ttf-fifthhorseman-dkg-handwriting
- ttf-georgewilliams
- ttf-goudybookletter
- ttf-inconsolata
- ttf-isabella
- ttf-jsmath
- ttf-junicode
- ttf-konatu
- ttf-larabie-deco
- ttf-larabie-straight
- ttf-larabie-uncommon
- ttf-linux-libertine
- ttf-marvosym
- ttf-mscorefonts-installer
- ttf-ocr-a
- ttf-oflb-asana-math
- ttf-oflb-euterpe
- ttf-radisnoir
- ttf-sil-gentium
- ttf-sil-gentium-basic
- ttf-sjfonts
- ttf-staypuft
- ttf-summersby
- ttf-tomsontalks
- ttf-tuffy
- ttf-ubuntu-title
- ttf-unifont
- ttf-xfree86-nonfree
Post Install
Get rid of:
- any MTA
- old kernels
- shut down unnecessary services
- Spring clean /etc/xdg/autostart
- Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users.
- rm /etc/hostname
- Remove the 127.0.1.1 line from /etc/hosts
Configure:
- /etc/apt/sources.list
deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main
- Install
medibuntu-keyring, tsl-desktop
- /etc/openntpd/ntpd.conf
server ntp1.uct.ac.za server ntp2.uct.ac.za server ntp3.uct.ac.za server dreamcoat.che.uct.ac.za server emperor.che.uct.ac.za
- visudo
Defaults env_reset root ALL=(ALL) ALL %admin ALL=(ALL) NOPASSWD: ALL
- /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key
- /etc/tmpreaper.conf
SHOWWARNING=false
- /etc/update-manager/meta-release
URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
- /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Allowed-Origins { "Ubuntu lucid-security"; "Ubuntu lucid-updates"; "Ubuntu lucid"; "Medibuntu lucid"; "LP-PPA-stefanor-tsl lucid"; }; Unattended-Upgrade::Remove-Unused-Dependencies "true"; Unattended-Upgrade::Automatic-Reboot "true";
- /etc/grub.d/01_tsl_password
#!/bin/sh set -e cat << EOF set superusers="root" password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D EOF
- /etc/nsswitch.conf
passwd: files ldap group: files ldap shadow: files ldap
- /etc/fstab:
tsl.uct.ac.za:/home /home nfs rw,sync 0 0
- /etc/ldap.conf:
base dc=tsl,dc=uct,dc=ac,dc=za uri ldaps://tsl.uct.ac.za/ ldap_version 3 pam_password md5 tls_checkpeer no
- /etc/security/group.conf
*;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse
- /etc/firefox-3.[05]/pref/firefox.js
// UCT Proxy pref("network.proxy.autoconfig_url", "http://www.uct.ac.za/cache.pac"); pref("network.proxy.type", 2); pref("browser.cache.disk.capacity", 3000);
- /etc/firefox-3.[05]/pref/ubufox.js
pref("browser.startup.homepage", "file:/etc/firefox-homepage.properties");
- /etc/firefox-homepage.properties
browser.startup.homepage=http://www.tsl.uct.ac.za/
- /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
<?xml version="1.0"?> <gconf> <dir name="apps"> <dir name="nautilus"> <dir name="preferences"> <entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/> </dir> </dir> <dir name="gdm"> <dir name="simple-greeter"> <entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/> <entry name="banner_message_text" mtime="1268226887" type="string"> <stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue> </entry> <entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/> </dir> </dir> </dir> <dir name="desktop"> <dir name="gnome"> <dir name="applications"> <dir name="window_manager"> <entry name="default" mtime="1252403218" type="string"> <stringvalue>/usr/bin/metacity</stringvalue> </entry> </dir> </dir> </dir> </dir> <dir name="system"> <dir name="http_proxy"> <entry name="ignore_hosts" mtime="1252519008" type="list" ltype="string"> <li type="string"> <stringvalue>localhost</stringvalue> </li> <li type="string"> <stringvalue>127.0.0.0/8</stringvalue> </li> <li type="string"> <stringvalue>*.local</stringvalue> </li> <li type="string"> <stringvalue>137.158.0.0/16</stringvalue> </li> <li type="string"> <stringvalue>*.uct.ac.za</stringvalue> </li> </entry> <entry name="host" mtime="1252518985" type="string"> <stringvalue>localhost</stringvalue> </entry> <entry name="use_http_proxy" mtime="1252519071" type="bool" value="true"/> </dir> <dir name="proxy"> <entry name="secure_port" mtime="1252518992" type="int" value="8080"/> <entry name="secure_host" mtime="1252518987" type="string"> <stringvalue>localhost</stringvalue> </entry> <entry name="mode" mtime="1252518982" type="string"> <stringvalue>manual</stringvalue> </entry> </dir> </dir> </gconf>
- chmod 500 /var/lib/gdm/.gconf
- /var/lib/gdm/.gconf.path
# treat system-wide settings as mandatory xml:readonly:/etc/gconf/gconf.xml.system # override some settings # we treat settings in this location as # owned by GDM. Sysadmins should create # another source if they wish to override them. xml:readonly:$(HOME)/.gconf.mandatory # distribution default values xml:readonly:$(HOME)/.gconf.defaults
- /etc/cntlm.conf
Domain WF Proxy campusnet.uct.ac.za:8080 Listen 8080 NTLMToBasic yes
Pre-imaging
- Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules
- A bunch of other useful things to remove: http://live.debian.net/gitweb?p=live-build.git;a=blob;f=scripts/build/lb_chroot_hacks