Configure VM for lab experiments
<yambe:breadcrumb>New_machine_configuration|New machine configuration</yambe:breadcrumb>
Configure VM for lab experiments
This page is intended to describe settings to be done, files to be copied, packages to be installed via yum or source after OS has been installed on a VM to be used for lab experiments. It was last updated during Cent-OS 6.3 installation on 20th March, 2013
Installing OS
Install OS with following partitioning:
- Create swap of about 1024MB
- Allocate rest of the space to / (ext3)
GUI configuration
- Remove user switch option from panel from top right corner of screen
- Add system monitor panel extension for monitoring CPU, hard-disk and network usage.
- Remove all folders (Documents, Downloads, Music, Pictures, etc.) from home folder except Desktop
- Configure nautilus properly
- Show hidden and backup files
- Always open in browser window
- View executable text files when they are opened
- Preview for files smaller than 500KB
- Add lock icon to panel for locking screen
- Disable screensaver and locking
- Configure display to go to never go to sleep. Also configure power management such that when power button is pressed system shuts down.
Configure firefox
- Edit preferences for file download and blank page as home
- Configure proper proxy and no proxy for values
Configure terminal
Do following changes immediately after OS install to configure terminals
- Create file /etc/profile.d/history.sh as mentioned at Storing date / time along with commands in history
Configure Ctl+Alt+t to be shortcut for running terminal- Configure sudo to allow user saurabh to run all commands as root as mentioned at Allowing user to run all commands as root without specifying password
- Create shortcut for root terminal in gnome-panel with command 'sudo su -' to be run in terminal with '/usr/share/pixmaps/keyring.png' as image file.
- Remove all temporary files created in /root by anaconda
Configure start-up applications
Go to System -> Preferences -> Start-up applications and disable following start-up applications:
- AT SPI Registry Wrapper
- Automatic bug reporting tool
- Bluetooth
- Disk Notification
- File context maintainer
- Gnome Login Sound
- Network Authentication
- Network manager
- Packetkit update
- Personal file sharing
- Policykit authentication agent
- Power Manager
- Print Queue Applet
- Pulseaudio Sound System
- Remote desktop
- Screensaver
- SELinux troubleshooter
- Smart card manager
- Spice vdagents
- Terminal server client autostart
- User folder update
- Visual assistance
- Volume Control
Disable SELinux
Edit file '/etc/sysconfig/selinux' and set value for SELINUX parameter to 'disabled'
Disabling services
Disable following services after OS is installed from automatically starting in run-levels 3 to 5: (List is alphabetic)
- NetworkManager
- abrt-ccpp
- abrt-oops
- abrtd
- auditd
- avahi-daemon
- bluetooth
- cachefilesd
- certmonger
- cgconfig
- edac
- fcoe
- fcoe-target
- ibacm
- iscsi
- iscsid
- isdn
- ksm
- ksmtuned
- libvirt-guests
- libvirt-qmf
- libvirtd
- lldpad
- lvm2-monitor
- mcelogd
- mdmonitor
- nfslock
- pcscd
- pppoe-server
- qpidd
- rpcbind
- rpcgssd
- rpcidmapd
- sandbox
- spice-vdagentd
- stap-server
- tog-pegasus
- trace-cmd
- xinetd
One can use following shell script to disable all above mentioned services:
#!/bin/bash SERVICES="NetworkManager abrt-ccpp abrt-oops abrtd auditd avahi-daemon bluetooth cachefilesd certmonger cgconfig cups edac fcoe fcoe-target ibacm iscsi iscsid isdn ksm ksmtuned libvirt-guests libvirt-qmf libvirtd lldpad lvm2-monitor mcelogd mdmonitor nfslock pcscd pppoe-server qpidd rpcbind rpcgssd rpcidmapd sandbox spice-vdagentd stap-server tog-pegasus trace-cmd xinetd " for SERVICE1 in $SERVICES; do echo "Going to run " chkconfig $SERVICE1 off chkconfig $SERVICE1 off done exit 0
If the VM is going to be used for lvm based experiments then lvm2-monitor should be enabled. Similarly if VM would be used for software raid experiments then mdmonitor should be enabled. The point is based on the nature of experiment few of the above services may have to be enabled. The current list is very exhaustive to ensure that all non-critical services are stopped.
Enabling services
- Configure 'network' service by going to '/etc/sysconfig/network-scripts' and editing appropriate ifcfg file.
- Enable network on start-up using 'chkconfig network on'
- Configure ntpdate by editing '/etc/ntp.conf' and '/etc/ntp/step-tickers'.
- Enable ntpdate on start-up using 'chkconfig ntpdate on'
Configure yum
Configure yum with following repositories
- rpmfusion
- rpmforge
- epel
To configure use following steps:
- Vist http://www.rpmfusion.org/ and choose link 'Enable RPM Fusion no your system'.
- Then download both RPM Fusion free and RPM Fusion nonfree setup rpms
- Install epel using from http://ftp.cuhk.edu.hk/pub/linux/fedora-epel/6/i386/epel-release-6-8.noarch.rpm
- Install downloaded rpms using 'rpm -ivh rpmfusion*'
- Disable 'rpmfusion-free-updates-testing' and 'rpmfusion-nonfree-updates-testing' repositories
- Visit http://repoforge.org/use/ and download rpmfile for configuring repoforge (rpmforge) repository.
- Configure repoforge repository using downloaded rpm file 'rpm -ivh repo*.rpm'
- Edit '/etc/yum.conf' and configure proper proxy
and do 'keepcache=1' - rsync yum cache backup from updated machines '/var/cache/yum' folder with keepcache=1 to current machine
Installing packages from yum
Install following packages using yum (List is alphabetic)
- atop
- denyhosts
- dot
- encfs
- emacs
- flash-plugin
- geany
- htop
- hunt
- iptraf
- john
- libotf-devel
- openvpn
- phpMyAdmin
- tcptrack
- wireshark
- wireshark-gnome
Following script can be used to install above packages:
#!/bin/bash PACKAGES="atop denyhosts dot encfs emacs flash-plugin geany htop hunt iptraf john libotf-devel openvpn phpMyAdmin tcptrack wireshark wireshark-gnome" yum -y install $PACKAGES exit 0
Configure SSH
- Enable connection multiplexing as explained at Sharing multiple ssh connections
- Disable GSSAPI authentication using 'GSSAPIAuthentication no'
Disable guest account
- Use 'userdel -r xguest' to disable guest account
Install packages from source
Install following packages from source:
<yambe:breadcrumb>New_machine_configuration|New machine configuration</yambe:breadcrumb>