HowTo < GuthrieFamily

Tags: view all tags
---+ Household IT How To's

---+++ How to install a .deb file

sudo dpkg --install _filename_

---+++ What to do if Ariadne can't mount the /var/xp filesystem

As root, do these commands:

=mdadm --assemble /dev/md0 /dev/hda5 /dev/hdb1 /dev/hdd1=

=/etc/init.d/lvm2 start=

---++ DNS Related Stuff

---+++ How to add a domain to those being serviced

New domains that we're providing name service for go into /etc/bind/named.conf.local   on both aphrodite and varsity.

---+++ How to add a host to the brokersys.com domain

To add a host to the brokerys.com domain, you need to add it to the db.brokersys.com-external file and the db.brokersys.com-internal file.  However, you need to be careful.  db.brokersys.com-internal is also updated by the DHCP server and you need to not confuse the DHCP server or a lot of the names will stop working.  So, before making manual changes to the /etc/bind/db.brokersys.com-internal file, stop bind with the command

=/etc/init.d/bind9 stop=

Then, remove the journal file with the command

=rm /etc/bind/db.brokersys.com-internal.jnl=

Then, make your edits.

When you're done, restart the name server with the command

=/etc/init.d/bind9 start=

---+++ Stuff about a Domain (like TTL and so on)

=nslookup -type=A -debug foo.tld=

---++ Add Users

Because we use Kerberos for secure authentication of users and because we store user's account information in LDAP, adding a user is a multistep procedure.  First, the Kerberos principal is created.  Then, the user is added to chromite.  Then, an LDIF file is created for that user and that LDIF file is used to add the user to LDAP.  Once that happens, the user is available on the domain.

---+++ Create the kerberos principal

To do this, first start kadmin by typing:

=/usr/sbin/kadmin=

This will bring up a prompt.  At which point you type

=add_prinicipal -pw= _new_password_ _new_username_

This adds the new user to Kerberos and allows you to set the user's password.

Then, you can type =q= to quit.

---+++ Add the user to chromite

This is just like adding a user to any other system.  It's necessary to do this step because otherwise the home directory for the user won't be created.  Use the command

=adduser= _new_username_

to add the new user.

---+++ create an LDIF entry for the new user

The easiest way to do this is to copy one of the existing LDIF files in =/usr/share/migrationtools=  I recommend starting from the file password.cybersmythe.ldif

Set the uid part of the _dn_ field to be _new_username_ and the _uid_ field should also be _new_username_.  The _cn_ field should contain the "common name" which is normally the person's full name.  The _gn_ is the first name, and the _sn_ is the last name.  The _mail_ and _mailRoutingAddress_ fields should be set to the user's email address, the _uidNumber_ should be set to the numeric user ID that was created when the user was added to chromite and the _gidNumber_ should be set to the numeric group ID that was created with the use was added to chromite.  Lastly, the _homeDirectory_ field should be set to the user's home directory and the _gecos_ field should be set to whatever value you wish to use as the user's GECOS field.

---+++ Add user to ldap directory

Run the command

=ldapadd -x -D cn=admin,dc=brokersys,dc=com -W -f= _file_

Where _file_ is replaced by the name of the LDIF file to take the information from.

---++ Add a computer to the domain

=useradd -d /dev/null -g 500 -s /bin/false= _machinename_

=smbpasswd -a -m= _machinename_

then, do the computer name change on the Windows computer

---++ Disable an account through pam-lockout

Go to the [[http://www.brokersys.com/security/authenticated/][Web Site]] and do it.

---++ Re-enable an account through pam-lockout

Go to the [[http://www.brokersys.com/security/authenticated/][Web Site]] and do it.

---++ Configure Linux to automatically set the host name of the computer when acquiring an address through DHCP

Edit the file =/etc/dhcp3/dhclient.conf= and set the value for =send host-name= to be the name of the computer you want to appear in DNS.

---++ Set up a forum

   1 Decide on the forum name and database prefix
      a. The table prefix should be smf__
   1 Create a forum directory under the main web folder
   1 Unpack the install ZIP file in the new directory
   1 Make the files writeable by www-data using "sudo chgrp www-data -R .; sudo chmod g+r -R ."
   1 Load the installation URL in a Web browser
   1 Set the forum name
   1 The URL should already be set for you.
   1 The !MySQL database name is smf
   1 The !MySQL server name is "localhost"
   1 The !MySQL user name is "smf"
   1 The !MySQL password is the minimal at the present.
   1 Create the initial administrator account
   1 Additional adminstrators should create accounts, which can then be set to administrator accounts by the initial administrator.

---++ Create SSH keys for log in

The general procedure to use is
   1 Generate a public/private key pair
   1 Append the public key to the authorized_keys file

---+++ Generating the public/private key pair

   1 Run ssh-keygen on your workstation. The default is to generate id_rsa.pub (holding the public key) and id_rsa (holding the private key) Remember your passphrase. It's a good idea to use a strong one. It's not a good idea to not have any passphrase.

---+++ Append the public key to the authorized_keys file

If it's the first key, or if you don't have an authorized_keys file, then most of these steps are unnecessary.  You could just create the .ssh file and copy
id_rsa.pub into it, renaming it to authorized_keys.  However, if you're adding your key to root (which you should do if you would normally have root access or if you can sudo sh) you probably don't want to wipe out the keys that are already there, and I believe this process is safe.

   1 Copy the id_rsa.pub file from your workstation to your home directory on the destination computer.
   1 mkdir ~/.ssh
   1 touch ~/.ssh/authorized_keys
   1 cat ~/.ssh/authorized_keys ~/id_rsa.pub &gt; ~/.ssh/authorized_keys.new
   1 mv ~/.ssh/authorized_keys.new ~/.ssh/authorized_keys
   1 chmod 644 ~/.ssh/authorized_keys

-- Main.JonathanGuthrie - 11 Jan 2008
Topic revision: r8 - 2014-12-08 - JMagGuthrie