Difference between revisions of "SAC:Standard System Setup"

From OSGeo
Jump to: navigation, search
m (Disable SELinux)
Line 1: Line 1:
= Enable LDAP =
+
This document pertains how to setup a new VM at [[OSL|OSU OSL]]. 
  
As per [[SAC:Setup LDAP Authentication]] instructions using authconfig.
+
= Request a new VM =
  
Also need to update /etc/sudoers file like this:
+
A support request should be made to OSU OSL support *after* discussion and agreement within SAC.
 +
Details will be needed on the disk space, memory and the machine on which it should be established.  See [[SAC Server Status]] to get a sense of the machines available and what is already running on them.  The support request should be made to support at osuosl.org.
  
(need to work out how to use LDAP Admin group to identify access to sudoers file)
+
= Base VM =
  
= YUM Update =
+
New VMs are made by cloning the "Base VM", and reconfiguring the memory and disk space.  The
 +
Base VM is not normally running, but when it is it will be at base.osgeo.osuosl.org.  When policy changes are made on how the base system should be configured for all VMs, they should also be applied to this base VM.
  
sudo yum check-update
+
= Enable LDAP =  
sudo yum --exclude=dlm-kernel --exclude=cman-kernel --exclude=gnbd-kernel --exclude=GFS-kernel update
+
 
+
= Enable auto-home-dir creation =
+
 
+
Add the following line to /etc/pam.d/login and /etc/pam.d/sshd:
+
 
+
  session    required    pam_mkhomedir.so skel=/etc/skel umask=0022
+
 
+
= Mount /home from NFS =  
+
 
+
Add the following to /etc/fstab:
+
 
+
  bucket:/export/home    /mnt/home              nfs    intr
+
 
+
Then wipe, and link /home to /mnt/home after ensuring there is nothing of value in /home.
+
 
+
  mount /mnt/home
+
  rm -rf /home
+
  ln -s /mnt/home /home
+
  
= Disable SELinux =
+
As per [[SAC:Setup LDAP Authentication]] instructions setup LDAP access for the appropriate group (sac, telascience, etc) on the newly created VM.
  
On some systems it may be desired to disable SELinux. This
+
... ??
can be accomplished by:
+
  
* Editing /etc/selinux/config and changing SELINUX=enforcing to SELINUX=disabled.
 
* execute "sudo /usr/sbin/setenforce 0"
 
  
 
[[Category:Infrastructure]]
 
[[Category:Infrastructure]]

Revision as of 20:28, 27 September 2011

This document pertains how to setup a new VM at OSU OSL.

Request a new VM

A support request should be made to OSU OSL support *after* discussion and agreement within SAC. Details will be needed on the disk space, memory and the machine on which it should be established. See SAC Server Status to get a sense of the machines available and what is already running on them. The support request should be made to support at osuosl.org.

Base VM

New VMs are made by cloning the "Base VM", and reconfiguring the memory and disk space. The Base VM is not normally running, but when it is it will be at base.osgeo.osuosl.org. When policy changes are made on how the base system should be configured for all VMs, they should also be applied to this base VM.

Enable LDAP

As per SAC:Setup LDAP Authentication instructions setup LDAP access for the appropriate group (sac, telascience, etc) on the newly created VM.

... ??