Difference between revisions of "COSI Linux Build"

From CSLabsWiki
 
(44 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
{{services
 
{{services
|contact_person = [[User:cmr|Corey Richardson]]
+
|contact_person = [[User:xperia64|Xperia64]]
|last_update = ''unknown''
+
|last_update = Summer 2016
 
|host_vm =
 
|host_vm =
 
|vm_host =
 
|vm_host =
|services = PXE Image for COSI
+
|services = Linux Image for COSI
 
|category = Lab Build
 
|category = Lab Build
|handoff =
+
|handoff = no
 
}}
 
}}
   
 
= Introduction =
 
= Introduction =
This page summarizes how to set up and maintain the COSI Lab Build.
+
This page summarizes how to set up and maintain the '''COSI Linux Build'''.
   
  +
The lab build was once a separate project from the [[ITL Linux Build]], but to reduce maintenance work, the ITL build is now the primary effort, and it serves well enough as the COSI lab build once several minor adjustments are made. The script /root/cosify.sh is stored in the ITL image, which can be run as root to prepare the image for use in COSI as opposed to the ITL. This script is maintained along with the ITL image itself.
The Lab Build is based off of Arch Linux. We use a read-only network drive over [http://en.wikipedia.org/wiki/Network_block_device NBD]. The disk image is created automatically [https://github.com/COSI-Lab/lab_creation with a script]. It uses standard packages with custom configuration that is automatically applied.
 
  +
  +
The ITL image is currently running on Xubuntu 17.04.
   
 
= Project Members =
 
= Project Members =
 
== Current Maintainer ==
 
== Current Maintainer ==
* [[User:cmr|Corey Richardson]]
+
*[[User:xperia64|Xperia64]]
   
 
== Past Maintainers ==
 
== Past Maintainers ==
  +
* [[User:lannonbr|Benjamin Lannon]]
  +
* [[User:northug|Graham Northup]]
  +
* [[User: beadleha|Alan Beadle]]
  +
* [[User:cmr|Corey Richardson]]
 
* [[User:Petermcv|Chris Peterman]]
 
* [[User:Petermcv|Chris Peterman]]
 
* [[User:Mckennmj|Michael McKenna-Mattiaccio]]
 
* [[User:Mckennmj|Michael McKenna-Mattiaccio]]
Line 24: Line 30:
 
* [[User:Platekme|Mark Platek]]
 
* [[User:Platekme|Mark Platek]]
   
= Requests =
+
= Software Requests =
  +
Requests for software for in COSI can go below, but please add requests for software in the ITL on the ITL Linux page.
To make requests for the lab build, the preferred method is writing a message on the whiteboard in the space allocated for this purpose. Alternatively, email the maintainer, or open a pull request on the [https://github.com/COSI-Lab/lab_creation script].
 
  +
Software that belongs in COSI but not in the ITL can be installed by the "cosify.sh" script.
   
  +
Software needed to be added to a img:
Requests for packages which are in the repositories are very likely to succeed, as well as anything in the AUR. Changes requiring significant configuration are going to take longer.
 
  +
  +
libccid pcscd lldb
  +
  +
==Needed additions to cosify.sh==
  +
These things should be added to the cosify script. At the moment they must be done manually.
  +
* Reformat swap partition as swap so that it will be swap again (not sure why this is a problem, but it is)
  +
* Modify /etc/fstab
  +
* Replace eth1 with eth0 in /etc/network/interfaces
   
 
= Initial Configuration =
 
= Initial Configuration =
 
== Installation ==
 
== Installation ==
  +
Clone the stock ITL image with clonezilla, install other software, and whatever other changes are in that script at the moment. Presently, this includes:
Here are the steps to setting up the lab build. I will assume that the host has /dev/sda3 formatted to an empty filesystem with significant (>22G) free space. It also assumes that the [https://github.com/falconindy/arch-install-scripts arch-install-scripts] are available.
 
   
  +
* Allowing the "sudo" group to bypass password authentication.
Clone [https://github.com/COSI-Lab/lab_creation.git the repository]. Run make_image.sh as root. It will leave the image in /mnt/something.img.
 
  +
* Adding "csguest" to "sudo".
  +
* Changing the root password to the COSI build standard. ('''Warning:''' This password is visible to anyone who can read the file; thus, the file is intentionally rwx only to root.)
  +
  +
Note that adding a user to a group does not affect existing sessions; this is a long-standing Linux (and probably *NIX) behavior (in that groups for users are only generated on login). This will cause issues with "sudo" for the logged-in csguest session, assuming it is from there that the script is run for the first time. You may want to use either "su" to root or "su csguest" to log in again with the new group memberships. The problem will be fixed on the next login.
  +
  +
== NFS Shenanigans ==
  +
As of January 16th, 2016, extra steps may be required to ensure the COSI build will connect to our network storage over NFS.
  +
  +
* All network interfaces must be auto in /etc/network/interfaces. For faster boot times, ensure that the interface is actually connected. Certain computers may need to have their network configuration edited from the image.
  +
* This [http://unix.stackexchange.com/a/217768 systemd service] must be added and enabled to ensure that the network is actually online before attempting to mount NFS. It may be included in debian's ifupdown package soon.
  +
* /etc/default/nfs-common should contain:
  +
<pre>NEED_STATD=no
  +
STATDOPTS=
  +
NEED_IDMAPD=no
  +
NEED_GSSD=yes</pre>
  +
* The NFS options should be as follows:
  +
<pre>vers=3,sec=krb5i,nolock,x-systemd.automount</pre>
  +
  +
== Post Install Config ==
  +
Finally, whenever recloning images, the principle on the image is host/cosi-01.cslabs.clarkson.edu and should be changed to match the computer number by entering the following commands as someone with admin credentials on Kerberos:
  +
  +
<pre>
  +
$ sudo kadmin -p <username>/admin
  +
kadmin: ktrem host/cosi-01.cslabs.clarkson.edu
  +
kadmin: ktadd host/cosi-0#.cslabs.clarkson.edu
  +
kadmin: q
  +
</pre>
  +
  +
and reboot to clear the cache and you are all set.
   
 
[[Category:Lab Builds]]
 
[[Category:Lab Builds]]
  +
  +
  +
  +
=New Lab Build (April 4, 2016)=
  +
  +
Start with a Debian Jessie iso, install (xfce and lxde), and then do a dist upgrade
  +
  +
<pre>
  +
apt-get update
  +
apt dist-upgrade
  +
apt autoremove
  +
</pre>
  +
  +
and start installing utils:
  +
  +
<pre>
  +
apt install lxdm
  +
</pre>
  +
Select lxdm as the default dm.
  +
  +
<pre>
  +
apt install xfce4-pulseaudio-plugin arandr gparted vim emacs octave virtualbox virtualbox-ext-pack
  +
apt install codeblocks eclipse blender dia gimp openscad wireshark chromium vlc audacity texmaker htop
  +
apt install openjdk-8-jdk software-properties-common
  +
add-apt-repository ppa:webupd8team/java
  +
apt-get update
  +
apt install oracle-java8-installer nmap
  +
</pre>
  +
  +
==Central Auth==
  +
  +
[[How to add Kerberos to a Debian Machine]]
  +
  +
Also - The [[COSI Arch Build]] page can help a bunch in the way of simpler documentation, but be warned, the PAM stacks are very different in file strucutre.

Latest revision as of 07:50, 8 September 2017

COSI Linux Build
Contact Person: Xperia64
Last Update: Summer 2016
Services: Linux Image for COSI


Introduction

This page summarizes how to set up and maintain the COSI Linux Build.

The lab build was once a separate project from the ITL Linux Build, but to reduce maintenance work, the ITL build is now the primary effort, and it serves well enough as the COSI lab build once several minor adjustments are made. The script /root/cosify.sh is stored in the ITL image, which can be run as root to prepare the image for use in COSI as opposed to the ITL. This script is maintained along with the ITL image itself.

The ITL image is currently running on Xubuntu 17.04.

Project Members

Current Maintainer

Past Maintainers

Software Requests

Requests for software for in COSI can go below, but please add requests for software in the ITL on the ITL Linux page. Software that belongs in COSI but not in the ITL can be installed by the "cosify.sh" script.

Software needed to be added to a img:

libccid pcscd lldb

Needed additions to cosify.sh

These things should be added to the cosify script. At the moment they must be done manually.

  • Reformat swap partition as swap so that it will be swap again (not sure why this is a problem, but it is)
  • Modify /etc/fstab
  • Replace eth1 with eth0 in /etc/network/interfaces

Initial Configuration

Installation

Clone the stock ITL image with clonezilla, install other software, and whatever other changes are in that script at the moment. Presently, this includes:

  • Allowing the "sudo" group to bypass password authentication.
  • Adding "csguest" to "sudo".
  • Changing the root password to the COSI build standard. (Warning: This password is visible to anyone who can read the file; thus, the file is intentionally rwx only to root.)

Note that adding a user to a group does not affect existing sessions; this is a long-standing Linux (and probably *NIX) behavior (in that groups for users are only generated on login). This will cause issues with "sudo" for the logged-in csguest session, assuming it is from there that the script is run for the first time. You may want to use either "su" to root or "su csguest" to log in again with the new group memberships. The problem will be fixed on the next login.

NFS Shenanigans

As of January 16th, 2016, extra steps may be required to ensure the COSI build will connect to our network storage over NFS.

  • All network interfaces must be auto in /etc/network/interfaces. For faster boot times, ensure that the interface is actually connected. Certain computers may need to have their network configuration edited from the image.
  • This systemd service must be added and enabled to ensure that the network is actually online before attempting to mount NFS. It may be included in debian's ifupdown package soon.
  • /etc/default/nfs-common should contain:
NEED_STATD=no
STATDOPTS=
NEED_IDMAPD=no
NEED_GSSD=yes
  • The NFS options should be as follows:
vers=3,sec=krb5i,nolock,x-systemd.automount

Post Install Config

Finally, whenever recloning images, the principle on the image is host/cosi-01.cslabs.clarkson.edu and should be changed to match the computer number by entering the following commands as someone with admin credentials on Kerberos:

$ sudo kadmin -p <username>/admin
kadmin: ktrem host/cosi-01.cslabs.clarkson.edu
kadmin: ktadd host/cosi-0#.cslabs.clarkson.edu
kadmin: q

and reboot to clear the cache and you are all set.


New Lab Build (April 4, 2016)

Start with a Debian Jessie iso, install (xfce and lxde), and then do a dist upgrade

apt-get update
apt dist-upgrade
apt autoremove

and start installing utils:

apt install lxdm

Select lxdm as the default dm.

apt install xfce4-pulseaudio-plugin arandr gparted vim emacs octave virtualbox virtualbox-ext-pack
apt install codeblocks eclipse blender dia gimp openscad wireshark chromium vlc audacity texmaker htop
apt install openjdk-8-jdk software-properties-common
add-apt-repository ppa:webupd8team/java
apt-get update
apt install oracle-java8-installer nmap

Central Auth

How to add Kerberos to a Debian Machine

Also - The COSI Arch Build page can help a bunch in the way of simpler documentation, but be warned, the PAM stacks are very different in file strucutre.