Changes between Version 36 and Version 37 of Internal/SandboxConsoleSetup

Timestamp:

Jun 12, 2015, 9:00:46 PM (9 years ago)

Author:

msherman

Comment:

—

Internal/SandboxConsoleSetup

@@ -2 +2 @@
 
 ''' Updating for 14.04, 06/12/2015 '''
-
-The core packages can be installed as a group via this command:
-{{{
-sudo apt-get install logwatch logrotate nfs-common libpam-ldap libnss-ldap cfengine3 emacs ntp fail2ban
-}}}
-
-Instead of individually.
 
 LDAP questions are answered below.
@@ -22 +15 @@
   1. em2 - Control
 
+''' Package Installation '''
+The core packages can be installed as a group via this command:
+{{{
+sudo apt-get install logwatch logrotate nfs-common libpam-ldap libnss-ldap cfengine3 emacs ntp fail2ban
+}}}
+
+
 ''' NFS Mounting '''
-We no longer do AutoFS/auto.home since there is a long standing lag bug with the daemon that is not fixable. We've now move to direct mounting of the /home mount point.
-
- 1. add the follow line to '''/etc/fstab'''
+ 1. Add the following line to '''/etc/fstab'''
     {{{
     home:/export/home /home nfs _netdev,auto 0  0
     }}}
-If you are migrating from autofs, you will need to disable autofs on startup. In some cases this is managed by upstart. A reference for removing upstart services can be found [http://askubuntu.com/questions/171798/remove-services-from-upstart here]. In ubuntu 10.04 modify /etc/init/autofs.conf and change the start on line to
-{{{
-start on never
-}}}
 
 ''' LDAP Authentication '''
-Since Autofs is not use this process is some what simpler.
+
  1. Install ldap libraries. This process will ask you a bunch of ldap related questions that will be used to prime the ldap.confs (there are 2). It's not critical to get them correct as we're just going to replace those conf's any way. (Accepting the defaults is ok).
 
- 1. The '''/etc/ldap.conf''' is one of two files that configures the ldap client. The non-comment lines in this file are as follows:
+ 1. The '''/etc/ldap.conf''' is one of two files that configures the ldap client. The non-commented lines in this file are as follows:
     {{{
     base dc=orbit-lab,dc=org
@@ -48 +42 @@
     nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,libuuid,libvirt-qemu,list,lp,mail,man,messagebus,news,ntp,postfix,proxy,root,sshd,statd,sync,sys,syslog,usbmux,uucp,www-data
     }}}
-    You could edit this file and change all the values to reflect this (leaveing the rest as comments) or simply replace the one you have with this [attachment:ldap.conf one]. You can also check the non-comment lines by executing:
+    You could edit this file and change all the values to reflect this (leaving the rest as comments) or simply replace the one you have with this [attachment:ldap.conf one]. You can also check the non-comment lines by executing:
     {{{
     egrep -v "^#|^$" /etc/ldap.conf
@@ -75 +69 @@
     }}}
     Again you can edit it directly or copy this [attachment:nsswitch.conf version].
- 1. Copy or create the '''/etc/ldap.secret''' file
- 1. Finally add the follow line to the '''/etc/sudoers''' file (note this is done with the visudo command).
+ 1. Copy or create the '''/etc/ldap.secret''' file from another sandbox. (needs root permissions)
+ 1. Finally add the follow line to the '''/etc/sudoers''' file (note this is done with the  visudo command). This has to be done manually.
     {{{
     %admin ALL=(ALL) ALL
     %sysadmin ALL=NOPASSWD: ALL
     }}}
-    This has to be done manually.
-
-  1.Configure networking for the node facing interface of the console e.g.:
-{{{
-auto eth1
-iface eth1 inet static
-address 10.14.0.10
-netmask 255.255.0.0
-}}}
-
-
+ 1. Configure networking for the node facing interface of the console and change the address to the appropriate subnet for the sandbox's control vlan. e.g.:
+    {{{
+    auto em2
+    iface em2 inet static
+    address 10.14.0.10
+    netmask 255.255.0.0
+    }}}
  15. We need to make sure machine have fully qualified host name (some services depend on it). So:
 {{{