ITG Unix Support
>    
     |  List directory  |  History  |  Similar  |  Print version  
OS
IRIX
Solaris
Linux
Windows
CUE
HPC
Condor
Bryce Cluster
Cloudcity Cluster
IonMan Cluster
Arches Cluster
Pople Cluster
Software
Services
FTP Hosting
Backups
Projects
EasyCondor
busynode
NavAlert

OS > Linux > Recommended UNIX post-installation steps

Recommended UNIX post-installation steps

The following steps are taken whenever ITG installs or upgrades a UNIX or Linux machine.

1. Patch the machine

Security issues exist in UNIX just as much as any other operating system. Thankfully, most issues are restricted to local use, rather than network use. Regardless of this, the first step you should take when putting a new UNIX host on the network is patch it. Please see your vendor documentation on how to perform this step, or search the wiki.

2. Automatic Updates

For IRIX or Solaris, I would recommend handling updates to them manually.

3. Time Synchronization

See Configuring Time Synchronization in UNIX.

4. Remote logging

See Setting up real-time system log forwarding under UNIX

5. Authentication

It is recommended that all machines are configured to authenticate against the IU password system. The caveat is that they will not be able to login if the IU network is down. Find out from them how they would prefer to be setup.

If they are running Solaris or IRIX, be warned that it may be a painful ordeal to setup Kerberos authentication properly (and you will get no help from UITS), so you may want to just setup local passwords anyways.

See Configure my machine to authenticate with the IU Network using Kerberos

6. Install the CUEB Standard UNIX Toolkit

We have a list of standard tools we install on each host, called the Standard UNIX Toolkit. This insures portability for scripts and user knowledge. Linux preinstalls most of the tools. Here are the tools you will want to check on:

  • ruby
  • octave
  • zsh
  • joe
  • ncftp
  • python
  • pico (SUSE) or nano (Red Hat)
  • rsync
  • locate (findutils)
  • lsof

7. Standard Desktop Applications

If the machine is to be used as a desktop, we make sure the following applications are installed:

These applications should be available on the quick launch menu of the preferred window manager. Be sure to test all of the above applications before releasing the machine to the end-user.

8. Patch again

After installing all of the above 3rd party applications, I recommend checking to see if any of the applications you have installed require patches. If so, please patch and reboot.

9. Configuring sudo

Give the primary owner of the machine, as well as the Unix admins sudo access. The way I typically handle this is by adding users to the wheel group (or in Solaris, the sysadmin group). Then I configure sudo to allow users within this group to make use of the command. For more information, see Using sudo to run commands as root

10. SSH X11 Forwarding

Please make sure that ssh_config and sshd_config are setup properly for forwarding. See Configuring OpenSSH for X11 Forwarding

11. Configure the Printers

Make sure that you have all the printers configured that the user plans to make use of. If running SUSE, please ensure that the paper size is set to "US Letter" instead of A4 (International).

12. Setup Backups

We prefer all UNIX and Linux hosts to be part of our backup network. Adding it to our backups is really easy. See Installing CUEBclient for our quick guide on how to add your host to our backup network.

DO NOT PUT THE MACHINE IN SERVICE WITHOUT RUNNING A BACKUP FIRST

 
Reference http://wiki.chem.indiana.edu/OS/RecommendedUNIXPostInstallationSteps
Rights rw-rw-r--   tstrombe   ITG

Prev. Configure my machine to authenticate with the IU Network using Kerberos   Compiling a custom Linux kernel Next

Powered by coWiki 0.4.0-dev