Rocky 9.x Configure new laptop for personal use

From Notes_Wiki

Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > New machine configuration > Configure new laptop for personal use

OS installation

  1. Prepare bootable Rocky Linux 9 USB using: 
    dd if=Rocky-9.0-x86_64-dvd.iso of=/dev/sdd
    

    sync
    Assumes umount /dev/sdd* is done and that /dev/sdd does not has any critical data before itself.
    This can ideally be done via Rocky 9.x Ventoy to have multiple installers on a single USB
  2. Ideally boot using UEFI (F12) key so that Windows partition and boot manager are left untouched
  3. During installation select
    1. In Installation destination
      1. Select all available disks and custom partioning
      2. For partitioning dont format /boot/efi (100MB) and mount it on /boot/efi. Tyepe if "EFI System partiton"
      3. Reformat (or Create new ) root (/) and swap and mount them as / (50GB) and swap (16 GB) respectively
      4. If there is existing /mnt/data1 then mount it on same path without reformat. Or create a lvm /mnt/data1 with all other remaining available space.
      5. Dont mount /mnt/cdrive yet. We may need to install ntfs-3g before we mount that. It is possible only when C-drive is not encrypted using bitlocker.
    2. In Software Selection go with "Server with GUI". Select "Graphical Administration Tools" and "System Tools"
    3. Select Asia/Kolkata timezone and optional am/pm format, even if time is reported wrong. After installation correct time is automatically shown.
    4. Disable kdump and security profile
    5. On "Network & Host Name" set hostname as barjatiyarklp(N)
    6. Set root and user accounts. Allow root ssh login with password. Make the user administrator.
    7. Begin installation
  4. After installation setup repositories: 
    dnf -y install https://mirrors.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-9.noarch.rpm
    

    dnf -y install rpmfusion-free-release-tainted
    

    dnf -y install rpmfusion-nonfree-release-tainted


Solve Display issue with K4100M Nvidia graphics card

  1. After installation graphical display may not appear properly.
    1. Use Ctl+Alt+F2 to go to second terminal
    2. Login as root user
    3. Use 'init 3' to get root console
    4. Start NetworkManager using: 
      systemctl start NetworkManager
    5. Use 'nmtui' to activate a connection 
      nmtui
    6. SSH to the system over network and install nvidia drivers using 
      dnf -y install epel-release
      

      dnf -y config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/cuda-rhel9.repo
      

      dnf -y install kernel kernel-devel kernel-headers
      

      dnf -y install tar bzip2 make automake gcc gcc-c++ pciutils elfutils-libelf-devel libglvnd-opengl libglvnd-glx libglvnd-devel acpid pkgconfig dkms
      

      dnf -y module install nvidia-driver:latest-dkms
      Refer:
      In case of barjatiyarklp2 we can avoid nvidia related installation
      Any reinstallation can be done by first removing using
      dnf --noautoremove remove $(rpm -qa | grep nvidia)
      dnf module reset nvidia-driver
      dnf module install nvidia-driver:open-dkms
      As per https://docs.nvidia.com/cuda/cuda-installation-guide-linux/index.html#open-rhel9-rocky9-installation
      dkms build nvidia-open/520.61.05 --force
      Refer:
    7. Reboot the machine and see if graphics display is coming properly
    8. In case of Rocky Linux 9 with 5.14 kernel we get nvidia-520 version via dnf. However Quadro K4100M support was stopped at nvidia-470 version. Same is visible in /var/log/messages after boot 
      Nov 19 07:12:17 barjatiyarklp kernel: NVRM: The NVIDIA Quadro K4100M GPU installed in this system is#012NVRM:  supported through the NVIDIA 470.xx Legacy drivers. Please#012NVRM:  visit http://www.nvidia.com/object/unix.html for more#012NVRM:  information.  The 520.61.05 NVIDIA driver will ignore#012NVRM:  this GPU.  Continuing probe...


Setup Broadcom wireless

  1. Try to setup broadcom wireless using additional repositories: 
    dnf search broadcom
    

    dnf search wl
  2. Try to setup realtek wireless driver using 
    dnf -y install git
    

    dnf groupinstall "Development Tools" -y
    

    git clone https://github.com/quickreflex/rtl8188eus
    

    cd rtl8188eus
    

    make
    Below did not work
    Finally unable to get realtek or Broadcom wireless drivers for 5.14 kernel that comes with rocky linux 9 at time of this writing.
    Using Quamtum QHM300 with 'Ralink Technology, Corp. MT7601U

Wireless Adapter' is working without any additional driver installation requirement.


Initial configuration

  1. Boot and login and skip tour
  2. Allow user to run sudo without password: 
    visudo
    Enable sudo access without password for wheel group
  3. Ensure that "Location services" are turned off
  4. In "Screen Lock" Disable automatic screen lock and set Blank Screen Delay to never.
  5. In "Power" enable "Show Battery Percentage"
  6. Disable SELinux (setenforce 0, /etc/sysconfig/selinux SELINUX=disabled)
  7. Edit /etc/hosts and add appropriate entries:
    • 172.31.1.164 rekallcm1
    • Other relevant /etc/hosts entries from other machines
  8. Configure history retention Storing date / time along with commands in history
  9. (Optionally) Configure alias for checking battery status CentOS 7.x check laptop battery information
  10. (Optionally) Logout and change the display to "Standard (X11 Display manager)" from "Standard (Wayland)" and login again
  11. (Optionally) Edit /etc/yum.conf and configure keepcache=1
  12. Full update system using 'dnf -y update --skip-broken --nobest'
  13. dnf -y install epel-release
  14. dnf -y install screen tmux
  15. Start a tmux or screen session for rest of the tasks
  16. CentOS 8.x gnome prevent grouping of similar windows with alt-tab
  17. Optionally Go to settings -> Online accounts and add google account with 5TB storage
  18. Install "Passwords and Keys" Gnome application


/mnt/data1 files

First setup /mnt/data1 encrypted via Rocky 9.x Encrypt LVM logical volume before filesystem setup

If it is a new laptop with empty /mnt/data1 then copy following from old machine to new:

  • /mnt/data1/large_files/operating_systems
  • /mnt/data1/plain_folders
  • /mnt/data1/setup
  • /mnt/data1/windows_setup
  • /mnt/data1/workspace/ excluding owncloud folder

Sample command: 

  rsync -a --exclude 'lost+found' --exclude 'owncloud' root@<remote-ip>:/mnt/data1/ /mnt/data1/

If existing laptop is formatted while keeping /mnt/data1 intact then perhaps we only need to empty the owncloud folder under /mnt/data1/workspace

Also if existing laptop already had encryption enabled then we need to still do /etc/crypttab and /etc/fstab based mounting of encrypted partition in new OS also.


Install and configure required packages

dnf based packages

    dnf -y remove bind-chroot
    dnf -y install htop atop   #Colorful command-line top
    dnf -y install gimp        #Advanced image editor useful for editing pdf as images
    dnf -y install fdupes      #Duplicate file detection
    dnf -y install p7zip       #Support for 7zip
    dnf -y install expect      #For shell automation.  Includes mkpasswd utility
    dnf -y install bind bind-utils   #For DNS related tasks
    dnf -y install git         #Version control
    dnf -y install wireshark   #Packet capturing
    dnf -y install libreoffice-writer libreoffice-calc libreoffice-impress  #Libreoffice
    dnf -y install telnet nc   #For TCP connection checking
    dnf -y install freerdp     #For xfreerdp to Windows machines
    dnf -y install texlive     #For latex
    dnf -y install brasero     #For burning CD/DVD
    dnf -y install livecd-tools #For creating live USB
    dnf -y install minicom     #For working with serial ports
    dnf -y install iw          #For wireless iw command
    dnf -y install libguestfs-tools  #For virt-sysprep
    dnf -y install ImageMagick  #For image editing
    dnf -y install dia         #For diagrams
    dnf -y install xsane       #For scanning
    dnf -y install texlive-wrapfig texlive-capt-of texlive-ulem texlive-translator #For org-latex exports
    dnf -y install texlive-translator  #For compiling beamer presentations using latex
    dnf -y install gparted     #For partition management
    dnf -y install pandoc      #For documentation generation
    dnf -y install encfs       #For fuse encrypted filesystem
    dnf -y install s-nail      #Replacement for mailx
    dnf -y install python3-distro hplip       #For HP printers, without python3-distro hp-setup, hp-plugin dont work properly
    dnf -y install iotop       #For iops monitoring 
    dnf -y install lm_sensors  #To get motherboard sensors reading
    dnf -y install openconnect #For VPN
    dnf -y install simplescreenrecorder  #For screen recording
    dnf -y install erlang              #Programming
    dnf -y install byobu               #For working in background similar to screen
    dnf -y install nethack xrick zork  #Games
    dnf -y install aria2               #For parallel download
    dnf -y install transmission   #Torrent downloader
    dnf -y install vokoscreenNG   #Screen recorder

Not found packages to be searched later: 

    dnf -y install kolourpaint #Basic image editor
    dnf -y install kile okular-libs   #Latex editor -- Give okular library error


Install brave browser

sudo rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc
sudo dnf -y install dnf-utils
sudo dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/
sudo dnf install brave-browser -y


Install Owncloud Desktop client

See Rocky 9.x Owncloud client via AppImage

After this also download and install KeePassXC via AppImage for password management.


Install and configure emacs

  1. dnf -y install emacs
  2. Ensure /home/saurabh/.emacs and /home/saurabh/.emacs.d are symlink to appropriate folders of application-data
  3. Validate things are working by opening to-do.org file
  4. Configure nautilus to open .org file via emacs by default


Configure nautlius

  1. Open nautilus
  2. Create bookmarks for (Open folder and press Ctrl+D)
    • /mnt/data1/workspace/gbb/owncloud/saurabh
    • /mnt/data1
    • /mnt/data1/plain_folders/documents/Desktop/rekall
  3. Configure nautilus to open .org file via emacs by default, if not done already
  4. vim ~/.config/user-dirs.dirs #As saurabh user
    Comment all except Desktop and Downloads
  5. vim /etc/xdg/user-dirs.defaults #As root user
    Comment all except Desktop and Downloads
  6. Logoff and login again
  7. Open nautilus and remove bookmarks for Documents, Music, Videos and Pictures

Refer:


Install vlc

Use the Flatpak version of VLC, which comes with its own set of codecs and dependencies: 

sudo dnf install flatpak
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install flathub org.videolan.VLC

Then run VLC using: 

flatpak run org.videolan.VLC

This Flatpak version should include all necessary codecs and may resolve the H264 decoding issue.


Optionally install Skype

  1. Download skype rpm from https://www.skype.com/en/get-skype/download-skype-for-desktop/
  2. Install the rpm using: 
    dnf -y localinstall <rpm-name>


Configure firefox

  1. Ensure that /home/saurabh/.mozilla is symlink to application-data folder
  2. Starting firefox and see that various profiles are appearing properly.
  3. Validate history and stored passwords are working as expected


Install and configure thunderbird

  1. dnf -y install thunderbird
  2. Create symbolic link 
    ln -s /mnt/data1/workspace/application-data/thunderbird/ .thunderbird
    

    chown -h saurabh:saurabh .thunderbird
  3. Run thunderbird and validate email accounts are accessible
  4. Set date-format display using OpenSuse Leap 15 Change date-format displayed in Thunderbird
  5. Optionally set correct calendar response email ID using CentOS 8.x Thunderbird calendar invitation response email address


Configure SSH

  1. Symbolic link ssh from /mnt/data1 
    cd /home/saurabh
    

    ln -s /mnt/data1/workspace/application-data/ssh .ssh
    

    chown -h saurabh:saurabh .ssh
  2. ssh root@rekallcm1
    Enter passphrase (4cs..) and enable automatic unlock during login


Install Google chrome

  1. Refer CentOS 7.x Installing Google chrome
  2. Start chrome
  3. Do not make chrome default browser and Disable submitting of usage information
  4. Test by opening www.google.com


Configure git

  1. Configure various git parameters: 
            git config --global user.name "Saurabh Barjatiya"
        git config --global user.email "saurabh [at] sbarjatiya.com"  #Correct email address
        git config --global color.ui true
        git config --global color.status auto
        git config --global color.branch auto
        git config --global core.editor vim
  2. Configure to use simple push by default 
    git config --global push.default simple
    Refer https://stackoverflow.com/questions/21839651/git-what-is-the-difference-between-push-default-matching-and-simple


Postfix and logwatch

  1. Configure postfix gmail relay using CentOS 8.x postfix send email through relay or smarthost with smtp authentication
  2. Edit /etc/aliases and add barjatiya.saurabh [at] gmail.com as alias for root.
  3. newaliases
  4. Install and configure logwatch
  5. systemctl restart postfix
  6. systemctl enable postfix


Optionally add Windows boot option

  1. CentOS 7.x Add Windows 7 boot option to grub2
  2. Reboot into Windows and check it is working


Install Teamviewer

  1. Get latest teamviewer setup from https://www.teamviewer.com/en-us/download/linux/
  2. Install using 'dnf -y localinstall ./<file-name>'


Re-add various older VMs

Refer CentOS_8.x_Configure_rekallcm1_(high-end_desktop)_with_software_raid,_lxc,_kvm_and_other_utilities#Re-add_various_older_VMs

  1. dnf -y install libvirt virt-manager
  2. Add VMs with "Import existing disk image" option


Install nomachine

Note that Noamchine works only in wayland. It is not working with X11 display.


Sync files from rekallcm1

cp /mnt/data1/plain_folders/documents/room-documents/documents/programs/shell_scripts/sync_files_from_rekallcm1.sh /root
cd
./sync_files_from_rekallcm1.sh


(Optionally) Install openvpn

Install and configure openvpn for older Sophos firewall using 

dnf -y install openvpn
cp /mnt/data1/plain_folders/documents/room-documents/documents/programs/shell_scripts/gbb-* /root/
cp /mnt/data1/plain_folders/documents/room-documents/documents/programs/shell_scripts/rocky9-gbb* /root/


#Based on https://forums.rockylinux.org/t/installing-pritunl-vpn-client-on-rocky-linux-9/6827/2
update-crypto-policies --set LEGACY

#In another terminal test vpn
cat gbb-*
openvpn --config rocky9-gbb_*

In case of older Sophos firewall, the config file should have: 

data-ciphers-fallback AES-128-CBC
tls-version-min 1.0
tls-cert-profile insecure
providers legacy default
data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC

for backward protocol and cipher support.


Install and configure Anydesk

  1. Refer CentOS 8.x Install anydesk
  2. Restore backup of anydesk configuration: 
    cd ~/.anydesk
    

    mv user.conf user-old.conf
    

    ln -s /mnt/data1/workspace/application-data/anydesk/anydesk-saurabh-user.conf user.conf


Install and configure RustDesk

Download rustdesk after expanding "Assets" at https://github.com/rustdesk/rustdesk/releases At time of writing there was no specific Rocky 9.x rpm so use https://github.com/rustdesk/rustdesk/releases/download/nightly/rustdesk-1.2.0-0.x86_64-fedora28-centos8.rpm instead.


Pending

Package based installations

  • Unable to find below on Rocky 9.x
    yum -y install yaws        #Erlang web server
    yum -y install bzr kdiff3  #For versioning and comparing files
    yum -y install unetbootin liveusb-creator livecd-tools #For creating live bootable USB from iso files



Home > Rocky Linux or CentOS > Rocky Linux 9.x > System Administration > New machine configuration > Configure new laptop for personal use

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=Rocky_9.x_Configure_new_laptop_for_personal_use&oldid=8400"