Difference between revisions of "SAC:Standard System Setup"
Jump to navigation
Jump to search
(added home dir related stuff.) |
(added selinux notes) |
||
| Line 29: | Line 29: | ||
rm -rf /home | rm -rf /home | ||
ln -s /mnt/home /home | ln -s /mnt/home /home | ||
| + | |||
| + | = Disable SELinux = | ||
| + | |||
| + | On some systems it may be desired to disable SELinux. This | ||
| + | can be accomplished by: | ||
| + | |||
| + | * Editing /etc/selinux/config and changing SELINUX=enforcing to SELINUX=disabled. | ||
| + | * execute "sudo /usr/sbin/setenforce 0" | ||
Revision as of 17:40, 1 November 2006
Enable LDAP
As per SAC:Setup LDAP Authentication instructions using authconfig.
Also need to update /etc/sudoers file like this:
(need to work out how to use LDAP Admin group to identify access to sudoers file)
YUM Update
sudo yum check-update sudo yum --exclude=dlm-kernel --exclude=cman-kernel --exclude=gnbd-kernel --exclude=GFS-kernel update
Enable auto-home-dir creation
Add the following line to /etc/pam.d/login and /etc/pam.d/sshd:
session required pam_mkhomedir.so skel=/etc/skel umask=0022
Mount /home from NFS
Add the following to /etc/fstab:
bucket:/export/home /mnt/home nfs intr
Then wipe, and link /home to /mnt/home after ensuring there is nothing of value in /home.
mount /mnt/home rm -rf /home ln -s /mnt/home /home
Disable SELinux
On some systems it may be desired to disable SELinux. This can be accomplished by:
- Editing /etc/selinux/config and changing SELINUX=enforcing to SELINUX=disabled.
- execute "sudo /usr/sbin/setenforce 0"