Difference between revisions of "TSL"

From Department of Computer Science
 
(159 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 
== TSL Todo list ==
 
== TSL Todo list ==
  
* Shorten / tie up flyleads
+
* Set BIOS passwords
* Provide tied down flyleads in the laptop areas (areas without PCs)
+
* Lock down network ports (MAC address)
* Build new image & re-image computers
 
 
* Install replaced / fixed computers
 
* Install replaced / fixed computers
 +
* Roll out Karmic
  
 
== Current problems ==
 
== Current problems ==
;Network Sockets: SLAB013 SLAB016.
+
; Power Sockets: pc44
;Power Sockets: pc48
+
; Security Lug on PC: pc44
;Bad Images: 1,2,3,5,12,14,17,20,44,45,47,70,74
+
; Low Memory (256M): pc55
;Grub broken: 7, 8, 9, 12, 23, 35
+
; Bad HDD / BIOS: pc84
 +
; BIOS Locked: pc79
 +
 
 +
=== Known Unreliable machines ===
 +
; pc59: Unknown (2 Oct 2009)
 +
; pc09: Bad network card, sensitive to cable position (2 Oct 2009)
 +
; pc69: Thermal event (9 Oct 2009)
 +
; pc07: BIOS Battery? (9 Oct 2009)
 +
; pc21: BIOS Battery? (9 Oct 2009)
 +
; pc76: Cold boot reqd (16 Oct 2009)
 +
; pc46: Broken facade (16 Oct 2009)
 +
; pc16: BIOS Battery? (16 Oct 2009)
 +
; pc56: Lock cable doesn't pass through loop
 +
 
 +
=== Row 1 ===
 +
;Working: 6
 +
;Power: pc48
 +
;No Power button: pc to the left of it
 +
 
 +
=== Row 2 ===
 +
; Working: 7
 +
; Missing: 1
 +
 
 +
=== Row 3 ===
 +
; Working: 8
 +
 
 +
=== Row 4 ===
 +
; Working: 8
 +
 
 +
=== Row 5 ===
 +
; Working: 4
 +
; Missing: 2
 +
; Dead HDD: pc77
 +
; Mouse cut: pc82
 +
; VGA cut: pc-missing
 +
 
 +
=== Row 6 ===
 +
; Working: 3
 +
; Missing: 1
 +
; All cables need tying
 +
 
 +
=== Long Row 1 ===
 +
(by windows)
 +
; Working: 16
 +
; Missing: 0
 +
; No flylead: pc02
 +
; Lock doesn't attach pc to desk: pc31
 +
 
 +
=== Long Row 2 ===
 +
; Working: 15
 +
; Missing: 1
 +
; Dusty: pc30
 +
; No power button: next to pc40
 +
 
 +
== Wishlist for next rollout ==
  
 
== Image ==
 
== Image ==
  
 
Paste the source of the following into:
 
Paste the source of the following into:
    sed -ne 's/^* // p' | tr '\n' ' '; echo
+
sed -ne 's/^* // p' | tr '\n' ' '; echo
  
 
to get a list you can install
 
to get a list you can install
 +
 +
=== Not available in Karmic, but wanted in future ===
 +
* eclipse-cdt
 +
* eclipse-pydev
 +
* dillo
 +
* trayer
  
 
=== Games ===
 
=== Games ===
 
* bsdgames
 
* bsdgames
 
* bzflag
 
* bzflag
 +
* dosbox
 +
* einstein
 
* frozen-bubble
 
* frozen-bubble
 
* gnome-games
 
* gnome-games
 
* gtetrinet
 
* gtetrinet
 +
* kobodeluxe
 
* neverball
 
* neverball
 +
* nexuiz
 
* openarena
 
* openarena
 
* openttd
 
* openttd
 
* pingus
 
* pingus
 +
* scummvm
 +
* teeworlds
 
* tetrinet-client
 
* tetrinet-client
 
* wesnoth
 
* wesnoth
 
* wormux
 
* wormux
+
* xmoto
 +
 
 +
=== Themes ===
 +
* arc-colors
 +
* community-themes
 +
* gdm-themes
 +
* gnome-backgrounds
 +
* gnome-colors
 +
* gnome-themes
 +
* gnome-themes-extras
 +
* gnome-themes-more
 +
* metacity-themes
 +
* shiki-colors
 +
 
 
=== Editors ===
 
=== Editors ===
 
* anjuta
 
* anjuta
Line 38: Line 117:
 
* codeblocks
 
* codeblocks
 
* eclipse
 
* eclipse
 +
* eclipse-cdt
 +
* eclipse-pydev
 
* emacs
 
* emacs
 
* emacs-snapshot
 
* emacs-snapshot
 +
* emacs-goodies-el
 
* eric
 
* eric
 
* geany
 
* geany
 
* idle
 
* idle
 +
* idle-python2.5
 +
* idle3
 
* joe
 
* joe
 
* kate
 
* kate
 
* kdevelop
 
* kdevelop
 
* lyx
 
* lyx
 +
* monodevelop
 +
* monodevelop-java
 
* netbeans
 
* netbeans
 
* scite
 
* scite
* vim-full
+
* spe
 +
* vim-gtk
 +
* vim-nox
 +
* vim-latexsuite
 +
* vim-vimoutliner
 
* xemacs21
 
* xemacs21
  
 
=== Docs ===
 
=== Docs ===
 +
* ant-doc
 +
* apache2-doc
 +
* aspell-doc
 +
* autoconf-doc
 +
* automake1.9-doc
 +
* bash-doc
 +
* cdrkit-doc
 +
* ddd-doc
 
* devhelp
 
* devhelp
 
* diveintopython
 
* diveintopython
 +
* doxygen-doc
 +
* flex-doc
 +
* gawk-doc
 +
* gcc-doc
 +
* gdb-doc
 +
* git-doc
 +
* glut-doc
 +
* gmp-doc
 +
* gnuplot-doc
 +
* graphviz-doc
 
* gtkmm-documentation
 
* gtkmm-documentation
 +
* haskell-doc
 +
* jlint-doc
 +
* libboost-doc
 
* manpages-dev
 
* manpages-dev
 +
* octave-doc
 +
* perl-doc
 +
* php-doc
 
* python-doc
 
* python-doc
 +
* python-matplotlib-doc
 +
* python-numpy-doc
 +
* python-qt4-doc
 +
* qt4-doc
 +
* r-doc-html
 +
* rubybook
 +
* splint-doc-html
 
* stl-manual
 
* stl-manual
 +
* sun-java6-doc
 +
* tidy-doc
 +
* xchm
 +
* zsh-doc
  
 
=== Version Control ===
 
=== Version Control ===
Line 76: Line 201:
 
=== Debugging ===
 
=== Debugging ===
 
* ddd
 
* ddd
 +
* d-feet
 
* lsof
 
* lsof
 
* ltrace
 
* ltrace
Line 86: Line 212:
 
* bicyclerepair
 
* bicyclerepair
 
* bison
 
* bison
 +
* bpython
 
* bsh
 
* bsh
 
* build-essential
 
* build-essential
 
* clisp
 
* clisp
 
* cmake
 
* cmake
 +
* csstidy
 
* devscripts
 
* devscripts
 +
* dh-make
 
* docbook
 
* docbook
 
* flex
 
* flex
Line 96: Line 225:
 
* fpc
 
* fpc
 
* gcc-4.1
 
* gcc-4.1
 +
* gdc
 
* g++-4.1
 
* g++-4.1
 
* gengetopt
 
* gengetopt
Line 103: Line 233:
 
* graphviz
 
* graphviz
 
* ipython
 
* ipython
 +
* jlint
 
* kiki
 
* kiki
 +
* libboost-dev
 +
* libcurl4-openssl-dev
 
* libghc6-xmonad-dev
 
* libghc6-xmonad-dev
 
* libgtkmm-2.4-dev
 
* libgtkmm-2.4-dev
* libqt3-mt-dev
+
* libphobos-4.2-dev
 
* libqt4-dev
 
* libqt4-dev
 +
* libqwt-dev
 
* libsdl-console-dev
 
* libsdl-console-dev
 
* libsdl-dev
 
* libsdl-dev
Line 118: Line 252:
 
* libsdl-stretch-dev
 
* libsdl-stretch-dev
 
* libsdl-ttf2.0-dev
 
* libsdl-ttf2.0-dev
 +
* linklint
 +
* malbolge
 
* mesa-utils
 
* mesa-utils
 +
* mono-debugger
 
* octave
 
* octave
 +
* perltidy
 +
* php5-cli
 +
* php5-tidy
 +
* posh
 +
* pyflakes
 +
* pylint
 
* python3
 
* python3
 
* python-all-dev
 
* python-all-dev
Line 127: Line 270:
 
* python-crypto
 
* python-crypto
 
* python-dateutil
 
* python-dateutil
 +
* python-django
 +
* python-fuse
 +
* python-gmpy
 
* python-html5lib
 
* python-html5lib
 
* python-jinja
 
* python-jinja
 
* python-matplotlib
 
* python-matplotlib
 +
* python-profiler
 +
* python-psyco
 +
* python-pydot
 
* python-pygame
 
* python-pygame
 
* python-pysqlite2
 
* python-pysqlite2
 +
* python-qt4
 +
* python-sphinx
 
* python-simplejson
 
* python-simplejson
 
* python-scipy
 
* python-scipy
 
* python-soappy
 
* python-soappy
 
* python-sqlalchemy
 
* python-sqlalchemy
 +
* python-turbogears
 
* python-twisted
 
* python-twisted
* qt3-designer
+
* python-visual
 
* qt4-designer
 
* qt4-designer
 +
* r-recommended
 +
* ruby-full
 +
* ruby-gnome2
 +
* ruby-kde4
 
* speedcrunch
 
* speedcrunch
 +
* splint
 
* sun-java6-jdk
 
* sun-java6-jdk
 
* sun-java6-plugin
 
* sun-java6-plugin
 +
* tidy
 
* texlive-full
 
* texlive-full
 
* wxmaxima
 
* wxmaxima
  
=== System ===
+
=== Command Line ===
 +
* ascii
 
* ack-grep
 
* ack-grep
 +
* cadaver
 +
* clusterssh
 +
* cowsay
 +
* curl
 +
* dot2tex
 +
* elinks
 +
* figlet
 +
* fortune-mod
 +
* hping3
 
* htop
 
* htop
 +
* indent
 
* imagemagick
 
* imagemagick
 +
* irssi
 +
* links
 +
* links2
 
* lftp
 
* lftp
 +
* lynx
 
* manpages
 
* manpages
 
* moreutils
 
* moreutils
 
* mtr-tiny
 
* mtr-tiny
* ntp
 
* openssh-server
 
 
* openssl
 
* openssl
 +
* p7zip-full
 +
* p7zip-rar
 +
* pdfjam
 +
* pdftk
 
* poppler-utils
 
* poppler-utils
 +
* pssh
 +
* pwgen
 +
* qemu
 
* quota
 
* quota
* rdesktop
 
 
* rsync
 
* rsync
 
* screen
 
* screen
* tmpreaper
+
* sl
 +
* socat
 +
* star
 +
* toilet
 
* traceroute
 
* traceroute
 
* tsocks
 
* tsocks
 +
* units
 
* unrar
 
* unrar
 
* unzip
 
* unzip
 +
* w3m
 +
* whois
 +
* zsh
 +
 +
=== System ===
 +
* alien
 +
* cntlm
 +
* fusedav
 +
* fuseiso
 +
* fusesmb
 +
* ldap-auth-client
 +
* ldap-utils
 +
* ncpfs
 +
* nis
 +
* nfs-common
 +
* openntpd
 +
* openssh-server
 +
* smartmontools
 +
* sshfs
 +
* tmpreaper
 
* wbritish
 
* wbritish
* whois
+
 
* xtightvncviewer
+
=== Databases ===
 +
* mysql-client
 +
* mysql-doc-5.0
 +
* libmysqlclient-dev
 +
* libmysql++-dev
 +
* libpg-java
 +
* libpq-dev
 +
* libpqxx-dev
 +
* libsqlite-dev
 +
* php5-mysql
 +
* php5-sqlite
 +
* php5-pgsql
 +
* postgresql-client
 +
* postgresql-doc
 +
* python-mysqldb
 +
* python-psycopg2
 +
* sqlite3
 +
* sqlite3-doc
  
 
=== Other ===
 
=== Other ===
Line 174: Line 392:
 
* amarok
 
* amarok
 
* blender
 
* blender
 +
* dia
 +
* dwm-tools
 +
* epiphany-browser
 
* flashplugin-nonfree
 
* flashplugin-nonfree
 +
* fluxbox
 +
* gajim
 
* gnumeric
 
* gnumeric
 +
* gwibber
 +
* impressive
 
* inkscape
 
* inkscape
 
* konsole
 
* konsole
 
* konqueror
 
* konqueror
 +
* konversation
 
* linuxdcpp
 
* linuxdcpp
* mplayer
+
* midori
 
* openoffice.org-draw
 
* openoffice.org-draw
 +
* openoffice.org-pdfimport
 +
* pcmanfm
 +
* pdfedit
 +
* pidgin-plugin-pack
 
* planner
 
* planner
 +
* rdesktop
 +
* scribus
 +
* stalonetray
 
* ubuntu-restricted-extras
 
* ubuntu-restricted-extras
 
* wine
 
* wine
 
* yakuake
 
* yakuake
 
* xchat
 
* xchat
 +
* xtightvncviewer
 +
* xmonad
 +
 +
=== Multimedia ===
 +
* ffmpeg
 +
* non-free-codecs
 +
* libavdevice-unstripped-52
 +
* libavfilter-unstripped-0
 +
* libavformat-unstripped-52
 +
* mencoder
 +
* mplayer
 +
* vlc
 +
* youtube-dl
  
 
=== Fonts ===
 
=== Fonts ===
* ttf-adf
 
 
* ttf-aenigma
 
* ttf-aenigma
 
* ttf-atarismall
 
* ttf-atarismall
Line 232: Line 477:
 
=== Post Install ===
 
=== Post Install ===
  
Get rid of any MTA. Configure ntp, tmpreaper, eclipse (JVM)
+
Get rid of:
 +
 
 +
* any MTA
 +
* old kernels
 +
* shut down unnecessary services
 +
* Spring clean /etc/xdg/autostart
 +
* Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users.
 +
* rm /etc/hostname
 +
* Remove the 127.0.1.1 line from /etc/hosts
 +
 
 +
Configure:
 +
* /etc/apt/sources.list
 +
deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted
 +
deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted
 +
deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted
 +
deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free
 +
deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main
 +
* Install
 +
medibuntu-keyring, tsl-desktop
 +
* /etc/openntpd/ntpd.conf
 +
server ntp1.uct.ac.za
 +
server ntp2.uct.ac.za
 +
server ntp3.uct.ac.za
 +
server dreamcoat.che.uct.ac.za
 +
server emperor.che.uct.ac.za
 +
* visudo
 +
Defaults        env_reset
 +
root    ALL=(ALL) ALL
 +
%admin ALL=(ALL) NOPASSWD: ALL
 +
* /root/.ssh/authorized_keys
 +
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key
 +
* /etc/tmpreaper.conf
 +
SHOWWARNING=false
 +
* /etc/update-manager/meta-release
 +
URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release
 +
URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
 +
* /etc/apt/apt.conf.d/50unattended-upgrades
 +
Unattended-Upgrade::Allowed-Origins {
 +
        "Ubuntu lucid-security";
 +
        "Ubuntu lucid-updates";
 +
        "Ubuntu lucid";
 +
        "Medibuntu lucid";
 +
        "LP-PPA-stefanor-tsl lucid";
 +
};
 +
Unattended-Upgrade::Remove-Unused-Dependencies "true";
 +
Unattended-Upgrade::Automatic-Reboot "true";
 +
* /etc/grub.d/01_tsl_password
 +
#!/bin/sh
 +
set -e
 +
cat << EOF
 +
set superusers="root"
 +
password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D
 +
EOF
 +
 
 +
* /etc/nsswitch.conf
 +
passwd:        files ldap
 +
group:          files ldap
 +
shadow:        files ldap
 +
* /etc/fstab:
 +
tsl.uct.ac.za:/home /home nfs rw,sync 0 0
 +
* /etc/ldap.conf:
 +
base dc=tsl,dc=uct,dc=ac,dc=za
 +
uri ldaps://tsl.uct.ac.za/
 +
ldap_version 3
 +
pam_password md5
 +
tls_checkpeer no
 +
* /etc/security/group.conf
 +
*;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse
 +
* /etc/firefox-3.[05]/pref/firefox.js
 +
// UCT Proxy
 +
pref("network.proxy.autoconfig_url", "http://www.uct.ac.za/cache.pac");
 +
pref("network.proxy.type", 2);
 +
pref("browser.cache.disk.capacity", 3000);
 +
* /etc/firefox-3.[05]/pref/ubufox.js
 +
pref("browser.startup.homepage", "file:/etc/firefox-homepage.properties");
 +
* /etc/firefox-homepage.properties
 +
browser.startup.homepage=http://www.tsl.uct.ac.za/
 +
* /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
 +
<nowiki><?xml version="1.0"?>
 +
<gconf>
 +
<dir name="apps">
 +
<dir name="nautilus">
 +
<dir name="preferences">
 +
<entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/>
 +
</dir>
 +
</dir>
 +
<dir name="gdm">
 +
<dir name="simple-greeter">
 +
<entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/>
 +
<entry name="banner_message_text" mtime="1268226887" type="string">
 +
<stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue>
 +
</entry>
 +
<entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/>
 +
</dir>
 +
</dir>
 +
</dir>
 +
<dir name="desktop">
 +
<dir name="gnome">
 +
<dir name="applications">
 +
<dir name="window_manager">
 +
<entry name="default" mtime="1252403218" type="string">
 +
<stringvalue>/usr/bin/metacity</stringvalue>
 +
</entry>
 +
</dir>
 +
</dir>
 +
</dir>
 +
</dir>
 +
<dir name="system">
 +
<dir name="http_proxy">
 +
<entry name="ignore_hosts" mtime="1252519008" type="list" ltype="string">
 +
<li type="string">
 +
<stringvalue>localhost</stringvalue>
 +
</li>
 +
<li type="string">
 +
<stringvalue>127.0.0.0/8</stringvalue>
 +
</li>
 +
<li type="string">
 +
<stringvalue>*.local</stringvalue>
 +
</li>
 +
<li type="string">
 +
<stringvalue>137.158.0.0/16</stringvalue>
 +
</li>
 +
<li type="string">
 +
<stringvalue>*.uct.ac.za</stringvalue>
 +
</li>
 +
</entry>
 +
<entry name="host" mtime="1252518985" type="string">
 +
<stringvalue>localhost</stringvalue>
 +
</entry>
 +
<entry name="use_http_proxy" mtime="1252519071" type="bool" value="true"/>
 +
</dir>
 +
<dir name="proxy">
 +
<entry name="secure_port" mtime="1252518992" type="int" value="8080"/>
 +
<entry name="secure_host" mtime="1252518987" type="string">
 +
<stringvalue>localhost</stringvalue>
 +
</entry>
 +
<entry name="mode" mtime="1252518982" type="string">
 +
<stringvalue>manual</stringvalue>
 +
</entry>
 +
</dir>
 +
</dir>
 +
</gconf>
 +
</nowiki>
 +
* chmod 500 /var/lib/gdm/.gconf
 +
* /var/lib/gdm/.gconf.path
 +
# treat system-wide settings as mandatory
 +
xml:readonly:/etc/gconf/gconf.xml.system
 +
 +
# override some settings
 +
# we treat settings in this location as
 +
# owned by GDM.  Sysadmins should create
 +
# another source if they wish to override them.
 +
xml:readonly:$(HOME)/.gconf.mandatory
 +
 +
# distribution default values
 +
xml:readonly:$(HOME)/.gconf.defaults
 +
* /etc/cntlm.conf
 +
Domain          WF
 +
Proxy          campusnet.uct.ac.za:8080
 +
Listen          8080
 +
NTLMToBasic    yes
 +
 
 +
=== Pre-imaging ===
 +
 
 +
* Remove the two lines from /etc/udev/rules.d/70-persistent-net.rules
 +
* A bunch of other useful things to remove: http://live.debian.net/gitweb?p=live-build.git;a=blob;f=scripts/build/lb_chroot_hacks

Latest revision as of 16:10, 12 October 2011

TSL Todo list

  • Set BIOS passwords
  • Lock down network ports (MAC address)
  • Install replaced / fixed computers
  • Roll out Karmic

Current problems

Power Sockets
pc44
Security Lug on PC
pc44
Low Memory (256M)
pc55
Bad HDD / BIOS
pc84
BIOS Locked
pc79

Known Unreliable machines

pc59
Unknown (2 Oct 2009)
pc09
Bad network card, sensitive to cable position (2 Oct 2009)
pc69
Thermal event (9 Oct 2009)
pc07
BIOS Battery? (9 Oct 2009)
pc21
BIOS Battery? (9 Oct 2009)
pc76
Cold boot reqd (16 Oct 2009)
pc46
Broken facade (16 Oct 2009)
pc16
BIOS Battery? (16 Oct 2009)
pc56
Lock cable doesn't pass through loop

Row 1

Working
6
Power
pc48
No Power button
pc to the left of it

Row 2

Working
7
Missing
1

Row 3

Working
8

Row 4

Working
8

Row 5

Working
4
Missing
2
Dead HDD
pc77
Mouse cut
pc82
VGA cut
pc-missing

Row 6

Working
3
Missing
1
All cables need tying

Long Row 1

(by windows)

Working
16
Missing
0
No flylead
pc02
Lock doesn't attach pc to desk
pc31

Long Row 2

Working
15
Missing
1
Dusty
pc30
No power button
next to pc40

Wishlist for next rollout

Image

Paste the source of the following into:

sed -ne 's/^* // p' | tr '\n' ' '; echo

to get a list you can install

Not available in Karmic, but wanted in future

  • eclipse-cdt
  • eclipse-pydev
  • dillo
  • trayer

Games

  • bsdgames
  • bzflag
  • dosbox
  • einstein
  • frozen-bubble
  • gnome-games
  • gtetrinet
  • kobodeluxe
  • neverball
  • nexuiz
  • openarena
  • openttd
  • pingus
  • scummvm
  • teeworlds
  • tetrinet-client
  • wesnoth
  • wormux
  • xmoto

Themes

  • arc-colors
  • community-themes
  • gdm-themes
  • gnome-backgrounds
  • gnome-colors
  • gnome-themes
  • gnome-themes-extras
  • gnome-themes-more
  • metacity-themes
  • shiki-colors

Editors

  • anjuta
  • bluefish
  • codeblocks
  • eclipse
  • eclipse-cdt
  • eclipse-pydev
  • emacs
  • emacs-snapshot
  • emacs-goodies-el
  • eric
  • geany
  • idle
  • idle-python2.5
  • idle3
  • joe
  • kate
  • kdevelop
  • lyx
  • monodevelop
  • monodevelop-java
  • netbeans
  • scite
  • spe
  • vim-gtk
  • vim-nox
  • vim-latexsuite
  • vim-vimoutliner
  • xemacs21

Docs

  • ant-doc
  • apache2-doc
  • aspell-doc
  • autoconf-doc
  • automake1.9-doc
  • bash-doc
  • cdrkit-doc
  • ddd-doc
  • devhelp
  • diveintopython
  • doxygen-doc
  • flex-doc
  • gawk-doc
  • gcc-doc
  • gdb-doc
  • git-doc
  • glut-doc
  • gmp-doc
  • gnuplot-doc
  • graphviz-doc
  • gtkmm-documentation
  • haskell-doc
  • jlint-doc
  • libboost-doc
  • manpages-dev
  • octave-doc
  • perl-doc
  • php-doc
  • python-doc
  • python-matplotlib-doc
  • python-numpy-doc
  • python-qt4-doc
  • qt4-doc
  • r-doc-html
  • rubybook
  • splint-doc-html
  • stl-manual
  • sun-java6-doc
  • tidy-doc
  • xchm
  • zsh-doc

Version Control

  • cvs
  • bzr
  • bzr-gtk
  • bzr-svn
  • bzrtools
  • darcs
  • git-core
  • meld
  • mercurial
  • subversion
  • subversion-tools
  • svk

Debugging

  • ddd
  • d-feet
  • lsof
  • ltrace
  • strace
  • valgrind

Programming

  • ant
  • ant-optional
  • bicyclerepair
  • bison
  • bpython
  • bsh
  • build-essential
  • clisp
  • cmake
  • csstidy
  • devscripts
  • dh-make
  • docbook
  • flex
  • freeglut3-dev
  • fpc
  • gcc-4.1
  • gdc
  • g++-4.1
  • gengetopt
  • ghc
  • gnome-devel
  • gnuplot
  • graphviz
  • ipython
  • jlint
  • kiki
  • libboost-dev
  • libcurl4-openssl-dev
  • libghc6-xmonad-dev
  • libgtkmm-2.4-dev
  • libphobos-4.2-dev
  • libqt4-dev
  • libqwt-dev
  • libsdl-console-dev
  • libsdl-dev
  • libsdl-gfx1.2-dev
  • libsdl-image1.2-dev
  • libsdl-mixer1.2-dev
  • libsdl-net1.2-dev
  • libsdl-pango-dev
  • libsdl-sound1.2-dev
  • libsdl-stretch-dev
  • libsdl-ttf2.0-dev
  • linklint
  • malbolge
  • mesa-utils
  • mono-debugger
  • octave
  • perltidy
  • php5-cli
  • php5-tidy
  • posh
  • pyflakes
  • pylint
  • python3
  • python-all-dev
  • python-beautifulsoup
  • python-celementtree
  • python-configobj
  • python-crypto
  • python-dateutil
  • python-django
  • python-fuse
  • python-gmpy
  • python-html5lib
  • python-jinja
  • python-matplotlib
  • python-profiler
  • python-psyco
  • python-pydot
  • python-pygame
  • python-pysqlite2
  • python-qt4
  • python-sphinx
  • python-simplejson
  • python-scipy
  • python-soappy
  • python-sqlalchemy
  • python-turbogears
  • python-twisted
  • python-visual
  • qt4-designer
  • r-recommended
  • ruby-full
  • ruby-gnome2
  • ruby-kde4
  • speedcrunch
  • splint
  • sun-java6-jdk
  • sun-java6-plugin
  • tidy
  • texlive-full
  • wxmaxima

Command Line

  • ascii
  • ack-grep
  • cadaver
  • clusterssh
  • cowsay
  • curl
  • dot2tex
  • elinks
  • figlet
  • fortune-mod
  • hping3
  • htop
  • indent
  • imagemagick
  • irssi
  • links
  • links2
  • lftp
  • lynx
  • manpages
  • moreutils
  • mtr-tiny
  • openssl
  • p7zip-full
  • p7zip-rar
  • pdfjam
  • pdftk
  • poppler-utils
  • pssh
  • pwgen
  • qemu
  • quota
  • rsync
  • screen
  • sl
  • socat
  • star
  • toilet
  • traceroute
  • tsocks
  • units
  • unrar
  • unzip
  • w3m
  • whois
  • zsh

System

  • alien
  • cntlm
  • fusedav
  • fuseiso
  • fusesmb
  • ldap-auth-client
  • ldap-utils
  • ncpfs
  • nis
  • nfs-common
  • openntpd
  • openssh-server
  • smartmontools
  • sshfs
  • tmpreaper
  • wbritish

Databases

  • mysql-client
  • mysql-doc-5.0
  • libmysqlclient-dev
  • libmysql++-dev
  • libpg-java
  • libpq-dev
  • libpqxx-dev
  • libsqlite-dev
  • php5-mysql
  • php5-sqlite
  • php5-pgsql
  • postgresql-client
  • postgresql-doc
  • python-mysqldb
  • python-psycopg2
  • sqlite3
  • sqlite3-doc

Other

  • abiword
  • amarok
  • blender
  • dia
  • dwm-tools
  • epiphany-browser
  • flashplugin-nonfree
  • fluxbox
  • gajim
  • gnumeric
  • gwibber
  • impressive
  • inkscape
  • konsole
  • konqueror
  • konversation
  • linuxdcpp
  • midori
  • openoffice.org-draw
  • openoffice.org-pdfimport
  • pcmanfm
  • pdfedit
  • pidgin-plugin-pack
  • planner
  • rdesktop
  • scribus
  • stalonetray
  • ubuntu-restricted-extras
  • wine
  • yakuake
  • xchat
  • xtightvncviewer
  • xmonad

Multimedia

  • ffmpeg
  • non-free-codecs
  • libavdevice-unstripped-52
  • libavfilter-unstripped-0
  • libavformat-unstripped-52
  • mencoder
  • mplayer
  • vlc
  • youtube-dl

Fonts

  • ttf-aenigma
  • ttf-atarismall
  • ttf-beteckna
  • ttf-breip
  • ttf-droid
  • ttf-dustin
  • ttf-ecolier-court
  • ttf-ecolier-lignes-court
  • ttf-engadget
  • ttf-essays1743
  • ttf-f500
  • ttf-fifthhorseman-dkg-handwriting
  • ttf-georgewilliams
  • ttf-goudybookletter
  • ttf-inconsolata
  • ttf-isabella
  • ttf-jsmath
  • ttf-junicode
  • ttf-konatu
  • ttf-larabie-deco
  • ttf-larabie-straight
  • ttf-larabie-uncommon
  • ttf-linux-libertine
  • ttf-marvosym
  • ttf-mscorefonts-installer
  • ttf-ocr-a
  • ttf-oflb-asana-math
  • ttf-oflb-euterpe
  • ttf-radisnoir
  • ttf-sil-gentium
  • ttf-sil-gentium-basic
  • ttf-sjfonts
  • ttf-staypuft
  • ttf-summersby
  • ttf-tomsontalks
  • ttf-tuffy
  • ttf-ubuntu-title
  • ttf-unifont
  • ttf-xfree86-nonfree

Post Install

Get rid of:

  • any MTA
  • old kernels
  • shut down unnecessary services
  • Spring clean /etc/xdg/autostart
  • Use the PolicyKit Authorizations manager to disable suspend and hibernate for normal users.
  • rm /etc/hostname
  • Remove the 127.0.1.1 line from /etc/hosts

Configure:

  • /etc/apt/sources.list
deb http://ftp.leg.uct.ac.za/ubuntu lucid main universe multiverse restricted
deb http://ftp.leg.uct.ac.za/ubuntu lucid-updates main universe multiverse restricted
deb http://ftp.leg.uct.ac.za/ubuntu lucid-security main universe multiverse restricted
deb http://ftp.leg.uct.ac.za/medibuntu lucid free non-free
deb http://ftp.leg.uct.ac.za/pub/linux/tsl-ppa lucid main
  • Install
medibuntu-keyring, tsl-desktop
  • /etc/openntpd/ntpd.conf
server ntp1.uct.ac.za
server ntp2.uct.ac.za
server ntp3.uct.ac.za
server dreamcoat.che.uct.ac.za
server emperor.che.uct.ac.za
  • visudo
Defaults        env_reset
root    ALL=(ALL) ALL
%admin ALL=(ALL) NOPASSWD: ALL
  • /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAw4nGVrw+0uJpjJecuL8qjhm0O67ZrXux79fgN2ChdJoiB47KrIfgbWbpdHQiBWWDQjm9ttyf48/kLWwWbSW/DYKxRAH2vSCbpPaabqHB+ixaDKX9Vh8S0fNiOrZnWLwKmgnsdUV08ivk25k5d4NFSjmKvr6Dsp8RyCr+1sZfpdKOu+J1thwlNVkOFJxKxWwezgfflc/+KGbhFCH8Ya0hzellYQiX3px659Ydx4PdSGhT/Td7MK0onC1lK5X2hU3QSr49fwji06lAig1dpHeS4dnOFu2gxFRvlLZqmj31rwIVXQqoZyiIUuAs9EnFKfUVR34k5v20baXQ1bRqd4HgEQ== TSL Key
  • /etc/tmpreaper.conf
SHOWWARNING=false
  • /etc/update-manager/meta-release
URI = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release
URI_LTS = http://ftp.leg.uct.ac.za/pub/linux/ubuntu-changelogs/leg/meta-release-lts
  • /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Allowed-Origins {
        "Ubuntu lucid-security";
        "Ubuntu lucid-updates";
        "Ubuntu lucid";
        "Medibuntu lucid";
        "LP-PPA-stefanor-tsl lucid";
};
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
  • /etc/grub.d/01_tsl_password
#!/bin/sh
set -e
cat << EOF
set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.3712EBD4A97D0FAAA7008F8AB0FFDB733EFB913434799BC1A5E1CE2C91345A61E06BE8A1C8F9276AD46B99B7DE721B00151318B186DD33104239DF4161936A1A.7F07A1B5B046FBA4F6BE254C3923A391B2D668CF6F074C78FC77D9613434FA4F8F12E74F8A2DC74B85CBAC590F1B92A5AC285035D6915AD0A8FFE676FFC85F5D
EOF
  • /etc/nsswitch.conf
passwd:         files ldap
group:          files ldap
shadow:         files ldap
  • /etc/fstab:
tsl.uct.ac.za:/home	/home	nfs	rw,sync		0	0
  • /etc/ldap.conf:
base dc=tsl,dc=uct,dc=ac,dc=za
uri ldaps://tsl.uct.ac.za/
ldap_version 3
pam_password md5
tls_checkpeer no
  • /etc/security/group.conf
*;*;*;Al0000-2400; audio,floppy,video,cdrom,plugdev,fuse
  • /etc/firefox-3.[05]/pref/firefox.js
// UCT Proxy
pref("network.proxy.autoconfig_url", "http://www.uct.ac.za/cache.pac");
pref("network.proxy.type", 2);
pref("browser.cache.disk.capacity", 3000);
  • /etc/firefox-3.[05]/pref/ubufox.js
pref("browser.startup.homepage", "file:/etc/firefox-homepage.properties");
  • /etc/firefox-homepage.properties
browser.startup.homepage=http://www.tsl.uct.ac.za/
  • /etc/gconf/gconf.xml.mandatory/%gconf-tree.xml
<?xml version="1.0"?>
 <gconf>
 	<dir name="apps">
 		<dir name="nautilus">
 			<dir name="preferences">
 				<entry name="thumbnail_limit" mtime="1252410114" type="int" value="512000"/>
 			</dir>
 		</dir>
 		<dir name="gdm">
 			<dir name="simple-greeter">
				<entry name="banner_message_enable" mtime="1268226887" type="bool" value="true"/>
				<entry name="banner_message_text" mtime="1268226887" type="string">
					<stringvalue>Any problems? Email help@tsl.uct.ac.za</stringvalue>
				</entry>
				<entry name="disable_user_list" mtime="1268226887" type="bool" value="true"/>
 			</dir>
 		</dir>
 	</dir>
 	<dir name="desktop">
 		<dir name="gnome">
 			<dir name="applications">
 				<dir name="window_manager">
 					<entry name="default" mtime="1252403218" type="string">
 						<stringvalue>/usr/bin/metacity</stringvalue>
 					</entry>
 				</dir>
 			</dir>
 		</dir>
 	</dir>
 	<dir name="system">
 		<dir name="http_proxy">
 			<entry name="ignore_hosts" mtime="1252519008" type="list" ltype="string">
 				<li type="string">
 					<stringvalue>localhost</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>127.0.0.0/8</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>*.local</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>137.158.0.0/16</stringvalue>
 				</li>
 				<li type="string">
 					<stringvalue>*.uct.ac.za</stringvalue>
 				</li>
 			</entry>
 			<entry name="host" mtime="1252518985" type="string">
 				<stringvalue>localhost</stringvalue>
 			</entry>
 			<entry name="use_http_proxy" mtime="1252519071" type="bool" value="true"/>
 		</dir>
 		<dir name="proxy">
 			<entry name="secure_port" mtime="1252518992" type="int" value="8080"/>
 			<entry name="secure_host" mtime="1252518987" type="string">
 				<stringvalue>localhost</stringvalue>
 			</entry>
 			<entry name="mode" mtime="1252518982" type="string">
 				<stringvalue>manual</stringvalue>
 			</entry>
 		</dir>
 	</dir>
 </gconf>

  • chmod 500 /var/lib/gdm/.gconf
  • /var/lib/gdm/.gconf.path
# treat system-wide settings as mandatory
xml:readonly:/etc/gconf/gconf.xml.system

# override some settings
# we treat settings in this location as
# owned by GDM.  Sysadmins should create
# another source if they wish to override them.
xml:readonly:$(HOME)/.gconf.mandatory

# distribution default values
xml:readonly:$(HOME)/.gconf.defaults
  • /etc/cntlm.conf
Domain          WF
Proxy           campusnet.uct.ac.za:8080
Listen          8080
NTLMToBasic     yes

Pre-imaging