User Tools

Site Tools


new_computer_install_directions

Installation of a basic system and useful applications

sudo add-apt-repository ppa:webupd8team/java
wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
sudo sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'
  • Install packages from these repos
sudo apt-get update
sudo apt-get -y install dropbox
sudo apt-get -y install nautilus-dropbox oracle-java8-installer oracle-java8-set-default google-chrome-stable
  • Install MATLAB (if available) (http://www.mathworks.com/)
  • MATLAB is installed to /usr/local/bin to run MATLAB from the console run (/usr/local/bin/matlab/R2016b/bin/matlab)
sudo mkdir -p /usr/local/bin/matlab/R2016b
sudo chown arwillis:arwillis /usr/local/bin/matlab/R2016b
~/Downloads/matlab/install
/usr/local/bin/matlab/R2016b/bin/matlab
  • Install Netbeans IDE for code development
  • Netbeans is installed to /usr/local/bin to run Netbeans from the console run (/usr/local/bin/netbeans-8.1/bin/netbeans)
chmod 755 ~/Downloads/netbeans-8.1-linux.sh
rm -rf ~/.nbi # removes cached configuration information from prior installations of netbeans
sudo mkdir -p /usr/local/bin/netbeans-8.1
sudo chown arwillis:arwillis /usr/local/bin/netbeans-8.1/
~/Downloads/netbeans-8.1-linux.sh
/usr/local/bin/netbeans-8.1/bin/netbeans
  • Install aptitude, openssh-client, openssh-server, lyx, texlive, texlive-publishers, git, cvs, ubuntu-restricted-extras
sudo apt-get -y install aptitude openssh-client openssh-server lyx lynx texlive texlive-publishers git cvs
sudo apt-get -y install hunspell myspell-en-us classicmenu-indicator vlc browser-plugin-vlc gimp gimp-data gimp-plugin-registry gimp-data-extras unity-tweak-tool
sudo apt-get -y install gtk-recordmydesktop synaptic ubuntu-restricted-extras
sudo apt-get -y install pdftk terminator screen octave p7zip-full unrar rar hfsutils gv
sudo apt-get -y install lynx vlc
sudo sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/ros-latest.list'
sudo apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-key 0xB01FA116
sudo apt-get update
sudo apt-get -y install ros-kinetic-desktop-full
sudo rosdep init
rosdep update

Octave

sudo apt-get -y install octave subversion octave-image octave-signal octave-statistics octave-quaternion octave-communications octave-control

Install Nvidia Drivers (If you have an Nvidia Graphics Card)

If you have a graphical desktop run the Software Updater program.

  • In the Software Updater make the following selections –>Settings–>Additional Drivers
  • Install the proprietary Nvidia drivers (and other drivers such as Intel firmware)

If you do not have a graphical desktop run the following console commands:

sudo apt-get -y remove --purge nvidia-* libcuda*
sudo apt-get install --reinstall libgl1-mesa-glx libgl1-mesa-dri xserver-xorg-core
sudo add-apt-repository ppa:graphics-drivers/ppa
sudo apt-get update
sudo apt-get -y install nvidia-364

Install VisionLab Server Network file access applications

  • Fix lightdm to allow manual username / password logins
printf "# Allow Manual Logins\n[SeatDefaults]\ngreeter-show-manual-login=true" | sudo tee /etc/lightdm/lightdm.conf
  • Install autofs, nfs-common, ldap-auth-client, nscd
sudo apt-get -y install autofs nfs-common ldap-auth-client nscd nslcd nslcd-utils libnss-ldapd
  • When prompted for the LDAP client configuration options provide the following:
Server Protocol & Address: ldap://visionserver-01.uncc.edu
Distinguished Name: dc=uncc,dc=edu
LDAP Version: 3
Make local root database admin: No
Does LDAP require login?: No
LDAP Account for root: cn=admin,dc=uncc,dc=edu
LDAP Root password: XXXXXXX (the LDAP root password)

If something is messed up in entering this information try it again (sudo dpkg-reconfigure ldap-auth-config)

  • Setup nsswitch to use ldap authentication
sudo auth-client-config -t nss -p lac_ldap
  • Assign local groups to a domain (ldap) user by editing /etc/security/group.conf and adding
printf "*;*;*;Al0000-2400;audio,cdrom,dialout,floppy,plugdev\n" | sudo tee --append /etc/security/group.conf
printf "# add LDAP default group memberships as in /etc/security/group.conf\nauth    required     pam_group.so use_first_pass" | sudo tee --append /etc/pam.d/common-auth

TLS Encryption for LDAP Connections

  • Copy the certificate off the server
sudo scp arwillis@visionserver-01.uncc.edu:/etc/ldap/ca_certs.pem /etc/ldap/ca_certs.pem
  • Edit the /etc/ldap/ldap.conf file and add the line below:
TLS_REQCERT	allow
TLS_CACERT	/etc/ldap/ca_certs.pem
  • Edit the /etc/nslcd.conf file and add the line below:
# The location at which the LDAP server(s) should be reachable.
uri ldap://visionserver-01.uncc.edu

# The search base that will be used for all queries.
base dc=uncc,dc=edu

# The LDAP protocol version to use.
ldap_version 3
ssl start_tls
tls_reqcert allow
tls_cacertfile /etc/ldap/ca_certs.pem
  • Install ldap-utils and test the TLS-encrypted connection
sudo apt-get -y install ldap-utils
ldapwhoami -H ldap://visionserver-01.uncc.edu -x -ZZ
ldapsearch -H ldap://visionserver-01.uncc.edu -x -b "dc=uncc,dc=edu" -LLL -ZZ dn
  • Enable TLS authentication for LDAP connections (the visionserver-01 FORCES TLS)
printf "ssl start_tls" | sudo tee --append /etc/ldap.conf
sudo service nscd restart
sudo service nslcd restart
  • Edit the /etc/passwd file and move the login for the admin user to home.old (sudo vi /etc/passwd)
  • Move the /home folder to /home.old (sudo mv /home /home.old)
  • Create the /home folder (sudo mkdir /home)
  • Modify autofs configuration as follows:
printf "/home   /etc/auto.home --timeout=60 --ghost\n" | sudo tee --append /etc/auto.master
  • Create the /etc/auto.home file and populate it for automounting user's home folders
printf "#/etc/auto.home\n*       -fstype=nfs4,sec=sys,rsize=8192,wsize=8192,soft,intr,nosuid,tcp         visionserver-01:/home1/&\n" | sudo tee --append /etc/auto.home
  • Add the mount point for the server application and data folder and set it to mount on boot
sudo mkdir /server
printf "# mount the server application and data folder\nvisionserver-01:/server        /server  nfs4 rw,soft,intr,nosuid,sec=sys,tcp,rsize=8192,wsize=8192     0       0\n" | sudo tee --append /etc/fstab

Provide Options to Modify the Linux Window Manager Look-and-Feel / Theme

  • Use different themes
sudo add-apt-repository ppa:noobslab/themes
sudo apt-get update
sudo apt-get -y install ambiance-lime ambiance-crunchy royal-gtk-theme arc-theme ultra-flat-theme windos-10-themes next-aurora-gtk flatabulous-theme yosembiance-gtk-theme humanitary-gtk-theme arc-flatabulous-theme ambiance-lime ambiance-crunchy royal-gtk-theme arc-theme ultra-flat-theme windos-10-themes next-aurora-gtk flatabulous-theme yosembiance-gtk-theme humanitary-gtk-theme arc-flatabulous-theme
sudo add-apt-repository ppa:snwh/pulp
sudo apt-get update
sudo apt-get -y install paper-gtk-theme paper-icon-theme

If you want to experiment with different themes run the “Unity Tweak Tool” and select the “Themes” Icon to change the active theme.

  • Enable minimize on click (click on dock icon minimizes the application clicked)
gsettings set org.compiz.unityshell:/org/compiz/profiles/unity/plugins/unityshell/ launcher-minimize-window true
  • Move the unity launcher bar to the screen bottom margin (if desired)
gsettings set com.canonical.Unity.Launcher launcher-position Bottom
  • Show user's name in the notification area (top right corner of screen)
gsettings set com.canonical.indicator.session show-real-name-on-panel true

MOSAIC Disk Access

sudo apt-get -y install krb5-config krb5-user samba smbclient nautilus-share cifs-utils
  • Set all the config as provided in the file below: (sudo vi /etc/sambda/smb.conf)

smb.conf

[global]
        security = ads
        workgroup = MOSAIC
        kerberos method = secrets and keytab
        client use spnego = yes
        client signing = yes
  • Set all the config as provided in the file below: (sudo vi /etc/krb5.conf)

krb5.conf

[appdefaults]
    kinit = {
      forwardable = true
    }
    pam = {
      afs_cells = uncc.edu
      ccache_dir = /tmp
      forwardable = true
      tokens = sshd
      external = sshd
    }

    pam-afs-session = {
      minimum_uid = 100
      retain_after_close = true
      debug = false
    }

[libdefaults]
    dns_lookup_realm = false
    default_realm = MOSAIC.UNCC.EDU
    forward = true
    forwardable = true
    rdns = false
    renew_lifetime = 60d
    ticket_lifetime = 60d

[realms]
    MOSAIC.UNCC.EDU = {
    }


[domain_realm]
    .mosaic.uncc.edu = MOSAIC.UNCC.EDU
    mosaic.uncc.edu = MOSAIC.UNCC.EDU

Put your credentials in a hidden text file “.mosaic_credentials” in your home directory and set permissions so no one can read this file. By starting the filename with a “.” it is considered hidden and will not be listed in a standard directory list command.

printf "<YOURMOSAICUSERNAME>\n\n<YOURMOSAICPASSWORD>\n" >> ~/.mosaic_credentials && chmod 600 ~/.mosaic_credentials

Mount the MOSAIC cifs share. We will feed the credentials automatically to avoid having to type them at login.

dbus-launch bash
gvfs-mount smb://engr-nas1.mosaic.uncc.edu/users-v1/users < ~/.mosaic_credentials

To mount a cifs share to the ~/.gvfs folder and create a link from the desktop to your MOSAIC files.

dbus-launch bash
gvfs-mount smb://engr-nas1.mosaic.uncc.edu/users-v1/users
ls ~/.gvfs
ln -s ~/.gvfs/smb-share\:server\=engr-nas1.mosaic.uncc.edu\,share\=users-v1\,user\=arwillis/users/arwillis ~/Desktop/mosaic

Two ways to unmount a cifs share in the ~/.gvfs folder

gvfs-mount -u ~/.gvfs
fusermount -u ~/.gvfs

Another way to get the MOSAIC drive to automount on login

sudo apt-get -y install gigolo

Use the gigolo interface to create the mount and set it to mount on login.

*FOR ADMINS:*

  • Create the /mosaic auto mount location
sudo mkdir /mosaic
printf "/mosaic   /etc/auto.mosaic --timeout=60 --ghost" | sudo tee --append /etc/auto.master

Mount the cifs drive with your user permissions:

kinit
sudo mount -t cifs //mosaic.uncc.edu/dfs /mnt -o user=arwillis,uid=arwillis,gid=arwillis
sudo mount -t cifs //engr-nas1.mosaic.uncc.edu/users-v1/users /mnt -o user=arwillis,uid=arwillis,gid=arwillis
sudo mount -t cifs //engr-nas1.mosaic.uncc.edu/users-v1/users /mnt -o credentials=/home/arwillis/.mosaic_credentials.txt,uid=arwillis,gid=arwillis

Maintenance

  • Install bleachbit
sudo apt-get -y install bleachbit

Server-Side Configuration

  1. The server /etc/exports file must be modified to include the new workstation.

Git Repositories

Git repositories are located in /var/lib/git folder of the visionlab.uncc.edu host. All students will have their personal space within this folder. The Git repository can be browsed at the web location: http://visionlab.uncc.edu/gitweb/

Assuming my username is “USERNAME”, I would do the following commands to create a new repository having the name “REPONAME” on the git server:

bash$ ssh visionlab.uncc.edu
USERNAME@visionlab.uncc.edu's password:
bash$ cd /var/lib/git/USERNAME
bash$ git init --bare /var/lib/git/USERNAME/REPONAME.git

To make the repository “REPONAME” visible at the web location: http://visionlab.uncc.edu/gitweb/ do the following:

bash$ ssh visionlab.uncc.edu
USERNAME@visionlab.uncc.edu's password:
bash$ cd /var/lib/git/USERNAME
bash$ find /var/lib/git/USERNAME/REPONAME.git -type d -exec chmod o+rx {} +
bash$ find /var/lib/git/USERNAME/REPONAME.git -type f -exec chmod o+r {} +

To make the repository “REPONAME” readable and writable by users in the visionlab group do the following

bash$ ssh visionlab.uncc.edu
USERNAME@visionlab.uncc.edu's password:
bash$ cd /var/lib/git/USERNAME
bash$ find /var/lib/git/USERNAME/REPONAME.git -type d -exec chgrp visionlab {} +
bash$ find /var/lib/git/USERNAME/REPONAME.git -type d -exec chmod g+rwx {} +
bash$ find /var/lib/git/USERNAME/REPONAME.git -type f -exec chgrp visionlab {} +
bash$ find /var/lib/git/USERNAME/REPONAME.git -type f -exec chmod g+rw {} +

You might want to try out these directions by creating a Git repository having name “Thesis” for your thesis documents. Then use SmartGit to clone the repository to your user directory and modify/commit/push your document as you write your thesis.

Enable Middle Mouse on Touchpad

  1. Install the xserver-xorg-input-libinput
  2. Modify the /usr/share/X11/xorg.conf.d/50-synaptics file
  3. Modify the “Default clickpad buttons” section:
# This option enables the bottom right corner to be a right button on clickpads
# and the right and middle top areas to be right / middle buttons on clickpads
# with a top button area.
# This option is only interpreted by clickpads.
Section "InputClass"
        Identifier "Default clickpad buttons"
        MatchDriver "synaptics"
        Option "SoftButtonAreas" "50% 0 82% 0 0 0 0 0"
        Option "SecondarySoftButtonAreas" "58% 0 0 15% 42% 58% 0 15%"
EndSection
new_computer_install_directions.txt · Last modified: 2017/10/05 08:45 by arwillis