Installing final Fedora 16
==========================
Used hard disk install technique, fetching the initrd.img and vmlinuz files
from the x86_64 DVD iso image (isolinux directory) and stashing them in
/mainboot/f16. Then in the /mainboot/grub/grub.conf file added these
entries:
title Fedora 16 x86_64
rootnoverify (hd0,2)
chainloader +1
title Install Fedora 16 x86_64
root (hd0,0)
kernel /f16/vmlinuz repo=hd:LABEL=ZOOTY:/salvage/iso-images/Fedora-16-x86_64-DVD/
initrd /f16/initrd.img
Commented out the entry for the /fedora16 mountpoint in /etc/fstab, then
rebooted and selected the "Install Fedora 16 x86_64" grub menu item.
That boots the anaconda installer, and once in the installer, found the
partition labeled FEDORA16 and reformatted and installed to it.
Once the initial install was finished, booted back into fedora 15. Have
not yet run firstboot in f16.
Relabel the fedora 16 partition (which anaconda erased the label of
when installing) as FEDORA16 and remount it on /fedora16.
Initial package snapshot
========================
As an aid to see what extra junk I wind up installing when I want to know
what to add to fedora 17 in 6 months, used chroot to get to the /fedora16
partition and run:
rpm -q --qf "%{NAME}.%{ARCH}\n" -a > /zooty/info/f16-install-rpms.txt
Before firstboot
================
NOTE: I have a /zooty/projects/zeroboot/ directory now with a much
more spiffed version of a zeroboot.sh script to run instead of this.
As root, run:
/zooty/info/zerothboot.sh /fedora16
Manually fix /fedora16/boot/grub2/grub.cfg to remove junk generated
by os prober (between /etc/grub.d/30_os-prober lines).
Manually fix /fedora16/etc/default/grub to add the line
GRUB_DISABLE_OS_PROBER="true"
Also change sun16 to sun32 in both files.
Firstboot
=========
Go ahead and boot f16 for first time after install now.
During firstboot, define user tom as uid 2304, gid 100 (users).
After logging in run (as root)
dracut --force
This will get the sun32 font into the initial ramdisk so the fonts
will look right during boot from now on.
yum install yum-plugin-downloadonly
yum -y --skip-broken update
That gets all the initial updates loaded.
Got this error:
Updating : 2:qemu-common-0.15.1-1.fc16.x86_64 32/174
Non-fatal POSTIN scriptlet failure in rpm package 2:qemu-common-0.15.1-1.fc16.x86_64
Operation failed: No such file or directory
Operation failed: No such file or directory
warning: %post(qemu-common-2:0.15.1-1.fc16.x86_64) scriptlet failed, exit status 1
yum -C erase grub ccache evolution evolution-NetworkManager \
evolution-data-server-devel evolution-help nspluginwrapper
emacs
=====
For ~tom and ~root directories:
rm -f .emacs profile
ln -s /zooty/home/tom/.emacs .
ln -s /zooty/home/tom/profile .
Now my fingers know how to work when running emacs as tom or as root.
repos
=====
http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm
http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm
http://redhawk.ccur.com/nightstar-lx/ccur-nstar-lx-redhat-repo-4.2-1.noarch.rpm
/zooty/downloads/adobe/adobe-release-i386-1.0-1.noarch.rpm
/zooty/downloads/adobe/adobe-release-x86_64-1.0-1.noarch.rpm
Install software
================
The file f16-rpms.txt is left over from beta f16 and is the last set of
rpms I recorded having, so it is a good starting place for missing rpms.
sort < /zooty/info/f16-install-rpms.txt > /tmp/base.txt
sort < /zooty/info/f16-rpms.txt > /tmp/extra.txt
comm -13 /tmp/base.txt /tmp/extra.txt > /tmp/missing.txt
Edit that missing set to remove fonts (got too many of them anyway)
and all the ccur-* packages and adobe packages. Just install the
rpmfusion repos then do:
yum -y --skip-broken install `cat /tmp/missing.txt`
Got a couple of errors (I guess things changed since the beta):
Setting up Install Process
No package gdm-plugin-fingerprint.x86_64 available.
Package kpackagekit-0.6.3.3-2.fc15.x86_64 is obsoleted by apper-0.7.1-0.4.20111021.fc16.x86_64 which is already installed
Package openoffice.org-voikko-3.1.2-5.fc16.x86_64 is obsoleted by libreoffice-voikko-3.2-4.fc16.x86_64 which is already installed
I should have enough 32 bit libs installed now for it to be safe to install
the adobe and ccur stuff and not drag in a 32 bit lib from an undesirable
source.
yum --nogpg install \
http://redhawk.ccur.com/nightstar-lx/ccur-nstar-lx-redhat-repo-4.2-1.noarch.rpm \
/zooty/downloads/adobe/adobe-release-i386-1.0-1.noarch.rpm \
/zooty/downloads/adobe/adobe-release-x86_64-1.0-1.noarch.rpm
yum -y install AdobeReader_enu flash-plugin.x86_64 ccur-NightStar-LX
rpm -q --qf "%{NAME}.%{ARCH}\n" -a > /zooty/info/f16-round1-rpms.txt
OK, time to boot back into f15 and see what's been happening on the mail
front and wot-not...
OK, I'm back in f15. Let's do this:
rpm -q --qf "%{NAME}.%{ARCH}\n" -a > /zooty/info/f15-rpms.txt
comm -13 /zooty/info/f16-round1-rpms.txt /zooty/info/f15-rpms.txt > \
/zooty/info/f16-missing.txt
I don't actually see anything in that list that I can get from a repo.
The only missing stuff are things that are different in f16 or that I know
I have to get from a specail source. (nxclient from nomachine, gkrellm from
download directory, libdvdcss build from source, etc).
ssh
===
cp /etc/ssh/*key* /fedora16/etc/ssh/*key* (zeroboot script did this already)
merge setting from /etc/ssh/sshd_config into /fedora16 version.
cp /fedora15/etc/*hamster*.txt /etc/
networking
==========
First remove the useless nat networking from libvirtd.
virsh net-destroy default
virsh net-undefine default
Then reproduce the bridge setup from fedora 15:
cp /fedora15/etc/sysconfig/network-scripts/ifcfg-p6p1 \
/etc/sysconfig/network-scripts/ifcfg-p6p1
cp /fedora15/etc/sysconfig/network-scripts/ifcfg-br0 \
/etc/sysconfig/network-scripts/ifcfg-br0
chkconfig --level 35 network on
chkconfig --level 12345 NetworkManager off
cp /fedora15/etc/sysconfig/iptables /etc/sysconfig/iptables
cp /fedora15/etc/sysconfig/ip6tables /etc/sysconfig/ip6tables
cp /fedora15/etc/hosts.allow /etc/hosts.allow
cp /fedora15/etc/hosts.deny /etc/hosts.deny
cp /fedora15/etc/resolv.conf* /etc
cp /fedora15/etc/hosts /etc
reboot to make this all take effect
libdvdcss
=========
as user tom:
cp /zooty/home/tom/.rpmmacros ~/
rpm -ihv /zooty/downloads/libdvdcss-1.2.10-1.src.rpm
cd /zooty/build/rpmbuild/SPECS
rpmbuild -bb libdvdcss.spec
As root:
yum --nogpg install /zooty/build/rpmbuild/RPMS/x86_64/libdvdcss-1.2.10-1.x86_64.rpm
more user tom stuff
===================
cd ~/
cp -rp /zooty/home/tom/.ssh .ssh
(Greet! After waiting 30 seconds, the ssh forwarded link to work is
back up again).
build tools
===========
cd /zooty/info
./build-all.sh
(The above can be done via the ~/cronscripts/do-zooty-chroot script
as well without booting into new partition).
NOTE: Really need to add trollfilter and dannyboy to the build
(mail don't work without them)
Might want to add cdrtools as well.
systemd
=======
Let's try to keep system log from filling the disk :-).
/etc/systemd/system.conf
set LogLevel to "err"
services
========
Things are moving more into systemd in f16, but let's see what we have
still under chkconfig:
chkconfig --level 12345 iscsi off
chkconfig --level 12345 iscsid off
chkconfig --level 12345 libvirt-guests off
chkconfig --level 12345 nslm off
chkconfig --level 12345 openct off
chkconfig --level 12345 sandbox off
Now for systemd services which are near impossible to query...
The best you can do is: ls /etc/systemd/system/*.wants/*.service
systemctl disable bluetooth.service
systemctl disable abrt-ccpp.service
systemctl disable abrtd.service
systemctl disable abrt-oops.service
systemctl disable abrt-vmcore.service
systemctl disable avahi-daemon.service
systemctl disable chronyd.service
systemctl disable mdmonitor.service
systemctl disable lvm2-monitor.service
systemctl disable mdmonitor-takeover.service
Having disabled chronyd, need to enable ntp:
Uncomment the "restrict 192.168.1.0" line in /etc/ntp.conf so local
systems can ask zooty for the time of day.
chkconfig --level 35 ntpd on
Let's see if things still work after reboot (seem to be OK).
nomachine nxclient
==================
Check out the nomachine web page for latest nxclient.
yum --nogpg install \
http://64.34.161.181/download/3.5.0/Linux/nxclient-3.5.0-7.x86_64.rpm
gkrellm themes
==============
yum localinstall /zooty/downloads/gkrellm-themes-2.1.9-4.noarch.rpm
nfs
===
cp /fedora15/etc/exports /etc/exports
Which looks like this:
/zooty 192.168.1.0/24(rw,sync)
systemctl enable nfs-server.service
Note: On kvm or other client machine, add this fstab entry:
zooty:/zooty /zooty nfs rw
samba
=====
cp /fedora15/etc/samba/smb.conf /etc/samba/smb.conf
systemctl enable smb.service
systemctl enable nmb.service
user root
=========
cd ~root
cp -r /fedora15/root/.ssh .ssh
fonts
=====
OMG! The world's most important hint!!!! Make fonts readable again:
cd /etc/fonts/conf.d/
ln -s ../conf.avail/10-autohint.conf .
Font designers apparently live in a world of $20,000 300 DPI displays
and the font rendering they specify is optimized for them. Turning on
autohinting (which is what linking in that config file does) makes the
computer decide how to render the fonts rather than following the
instructions only someone with a 300 DPI display could love.
You can also run dconf-editor and find something like
org.gnome.desktop.interface and change the default fonts from the new
Cantarell to something like DejaVu Sans.
Finally, there is the "Theme Font & Size Changer" add on for firefox
which allows you to bump the size of the microscopic fonts that
are in the default firefox theme.
sudoers
=======
cp /fedora15/etc/sudoers /etc/sudoers
truecrypt (a.k.a realcrypt)
===========================
cp /fedora15/usr/bin/truecrypt /usr/bin/truecrypt
That installs this script:
#!/bin/bash
#
unset DISPLAY
exec /usr/sbin/realcrypt -t "$@"
Still need the service script to make sure all mounted volumes get
unmounted when I reboot.
cp /fedora15/etc/rc.d/init.d/truecrypt /etc/rc.d/init.d/truecrypt
chkconfig --add truecrypt
service truecrypt start
mkdir /secure
Seems to work OK.
postfix part 1
==============
service sendmail stop
edit /etc/aliases and make tom be the final alias for root
newaliases
alternatives --config mta
(select # corresponding to postfix)
chkconfig --level 2345 postfix on
service postfix start
lm_sensors
==========
sensors-detect
hddtemp
=======
service hddtemp start
chkconfig --level 2345 hddtemp on
APC ups
=======
It is detected by gnome-power-manager, but that doesn't seem to help
it shutdown cleanly. For that need to:
service apcupsd start
chkconfig --level 2345 apcupsd on
(the default config file in /etc/apcupsd seems to be reasonable).
pptp
====
pptpsetup --create ccur --server vpnflc.ccur.com --username tomh --password
cp /fedora16/etc/rc.d/init.d/novpn /etc/rc.d/init.d/
chkconfig --add novpn
Hey! I should add that novpn script to the zeroboot script!
recover comment in the /etc/ppp/peers/ccur file about alternate servers
sillycalc
=========
cp /fedora15/usr/local/bin/sillycalc /usr/local/bin
anacron
=======
anacron is now installed along with cronie so you can't just
remove anything
Make sure to run /usr/local/bin/fix-anacron
cp /fedora15/etc/crontab /etc/crontab
That restores the crontab file from fedora 14 that runs the hourly,
daily, weekly, etc jobs at fixed times dammit.
service crond restart
afteryum
========
cp /zooty/info/afteryum.py /usr/lib/yum-plugins/afteryum.py
cp /zooty/info/afteryum.conf /etc/yum/pluginconf.d/afteryum.conf
logwatch
========
Do initial run of /usr/local/bin/fix-logwatch
fix ugly cursors
================
yum install bluecurve-cursor-theme (did that already)
Fix in two places:
Edit /usr/share/icons/default/index.theme
Change to say: Inherits=Bluecurve
Run dconf-editor, goto org.gnome.desktop.interface
change cursor theme to Bluecurve
GTK style
=========
run /usr/local/bin/fix-Adwaita
more crap
=========
rm -f /etc/profile.d/color* /etc/profile.d/PackageKit* /etc/profile.d/vim*
(That gets run in the yum hook, but run it now just to get them all).
ksm
===
Latest virt updates brought ksm and ksmtuned back as explicit
services, so now I can turn them off:
chkconfig --level 12345 ksmtuned off
chkconfig --level 12345 ksm off
stunnel
=======
useradd -c 'Stunnel User' -d /var/run/stunnel -M -r -s /sbin/nologin stunnel
mkdir -p /var/run/stunnel
chown stunnel:stunnel /var/run/stunnel
cp /fedora15/etc/rc.d/init.d/stunnel /etc/rc.d/init.d/stunnel
cp /fedora15/etc/stunnel/stunnel.conf /etc/stunnel/stunnel.conf
chkconfig --add stunnel
GAAH! This doesn't seem to be starting correctly with systemd. I always
have to do a service stunnel restart after the system is up. Something else
to move to rc.local I guess...
rc.local
========
Pick up custom stuff from /fedora15/etc/rc.local
Note that rc.local moved from /etc to /etc/rc.d/
Sigh. Seems like postfix doesn't work after a reboot, add a line to
restart postfix after a delay to go with the line already there that
restarts stunnel. [Seems to work now - I can send mail immediately
after a reboot].
I think I forgot to turn on the postfix service, but if I make sure
it is enabled, it still doesn't work. It doesn't show any errors in the
maillog, but it also can't send mail. Restarting it in rc.local makes
it work OK.
Gah! httpd isn't working after reboot either. Add it to rc.local as well.
[and once again, it is now functioning correctly].
Actually, I forgot to turn on httpd. If I enable it, it does work
OK at boot time :-).
namedprime
==========
Maybe this service I have in f14 will help get stunnel working?
It looks up the names stunnel is gonna lookup early.
cp /fedora15/etc/rc.d/init.d/namedprime /etc/rc.d/init.d/namedprime
chkconfig --add namedprime
nx
==
I'm using the repos for the nx server now, and nomachine for the
nxclient rpm, but need to retrieve the custom keys from f13 partition:
cd /etc/nxserver/
cp /fedora15/etc/nxserver/* .
cert
====
Copy /etc/pki/dovecot/dovecot-openssl.cnf from old release in
case I need to re-gen certs
cp /fedora15/etc/pki/dovecot/dovecot-openssl.cnf \
/etc/pki/dovecot/dovecot-openssl.cnf
Remember how to make new cert:
rm -f /etc/pki/dovecot/certs/dovecot.pem
rm -f /etc/pki/dovecot/private/dovecot.pem
export SSLDIR=/etc/pki/dovecot
export OPENSSLCONFIG=/etc/pki/dovecot/dovecot-openssl.cnf
/usr/libexec/dovecot/mkcert.sh
virtual machines
================
cd /etc/libvirt/qemu
cp /fedora15/etc/libvirt/qemu/*.xml .
service libvirtd restart
Gah! Windows XP machine thinks the video hardware has changed.
I submitted a bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=753437
httpd
=====
cp /fedora15/etc/httpd/conf.d/zooty.conf /etc/httpd/conf.d/zooty.conf
Add this bind mount to fstab:
/zooty/web-content/html /var/www/html none rw,bind 0 0
service httpd start
chkconfig --level 2345 httpd on
Found another one: Change the IgnoreIndex setting so I can see all the
damn files (why README files are hidden by default is more than I can
imagine).
dovecot
=======
Saved original files from /etc/dovecot/conf.d/ directory in .orig~ backup
files, then modified the files to match the same changes I made in f14
comparing the files in emacs to see what differences matter and
what were just updated comments in new f15 versions. That process generated
these changes in diff -u format:
--- 10-auth.conf 2011-06-05 12:33:47.000000000 -0400
+++ 10-auth.conf 2011-06-05 12:37:10.000000000 -0400
@@ -121,7 +121,7 @@
!include auth-system.conf.ext
#!include auth-sql.conf.ext
#!include auth-ldap.conf.ext
-#!include auth-passwdfile.conf.ext
+!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext
--- 10-mail.conf 2011-06-05 12:34:02.000000000 -0400
+++ 10-mail.conf 2011-06-05 12:37:52.000000000 -0400
@@ -28,6 +28,7 @@
#
#
#mail_location =
+mail_location = maildir:~/Maildir
# If you need to set multiple mailbox locations or want to change default
# namespace settings, you can do it by defining namespace sections.
--- 10-master.conf 2011-06-05 12:34:16.000000000 -0400
+++ 10-master.conf 2011-06-05 12:40:01.000000000 -0400
@@ -78,16 +78,17 @@
# permissions make it readable only by root, but you may need to relax these
# permissions. Users that have access to this socket are able to get a list
# of all usernames and get results of everyone's userdb lookups.
- unix_listener auth-userdb {
+ #unix_listener auth-userdb {
#mode = 0600
#user =
#group =
- }
+ #}
# Postfix smtp-auth
- #unix_listener /var/spool/postfix/private/auth {
- # mode = 0666
- #}
+ unix_listener /var/spool/postfix/private/auth {
+ mode = 0660
+ user = postfix
+ }
# Auth process is run as this user.
#user = $default_internal_user
--- 10-ssl.conf 2011-06-05 12:34:37.000000000 -0400
+++ 10-ssl.conf 2011-06-05 12:40:46.000000000 -0400
@@ -4,6 +4,7 @@
# SSL/TLS support: yes, no, required.
#ssl = yes
+ssl = yes
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
--- 15-lda.conf 2011-06-05 12:34:55.000000000 -0400
+++ 15-lda.conf 2011-06-05 12:43:04.000000000 -0400
@@ -5,6 +5,7 @@
# Address to use when sending rejection mails.
# Default is postmaster@.
#postmaster_address =
+postmaster_address = postmaster@example.com
# Hostname to use in various parts of sent mails, eg. in Message-Id.
# Default is the system's real hostname.
@@ -44,5 +45,5 @@
protocol lda {
# Space separated list of plugins to load (default is global mail_plugins).
- #mail_plugins = $mail_plugins
+ mail_plugins = $mail_plugins sieve
}
--- auth-passwdfile.conf.ext 2011-06-05 12:35:16.000000000 -0400
+++ auth-passwdfile.conf.ext 2011-06-05 12:45:06.000000000 -0400
@@ -5,10 +5,10 @@
passdb {
driver = passwd-file
- args = scheme=CRYPT username_format=%u /etc/dovecot/users
+ args = /etc/dovecot.pass
}
-userdb {
- driver = passwd-file
- args = username_format=%u /etc/dovecot/users
-}
+#userdb {
+ #driver = passwd-file
+ #args = username_format=%u /etc/dovecot/users
+#}
--- auth-system.conf.ext 2011-06-05 12:35:33.000000000 -0400
+++ auth-system.conf.ext 2011-06-05 12:46:32.000000000 -0400
@@ -7,12 +7,12 @@
# PAM is typically used with either userdb passwd or userdb static.
# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
# authentication to actually work.
-passdb {
- driver = pam
+#passdb {
+ #driver = pam
# [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=]
# [cache_key=] []
#args = dovecot
-}
+#}
# System users (NSS, /etc/passwd, or similiar).
# In many systems nowadays this uses Name Service Switch, which is
On f16 dovecot screamed about imaps and pop3s, in dovecot.conf
fix the protocols line to read:
protocols = imap pop3 lmtp
Then salvaged files and settings from f14:
cp -p /fedora15/etc/dovecot.pass /etc/dovecot.pass
chkconfig --level 2345 dovecot on
If I reclaim old home directory, this will be preserved, but should
note these setting are also required:
Setup ~/.forward to contain the line:
| /usr/local/bin/bogoliver
Setup ~/.dovecot.sieve to contain filtering tests to classify
mail into different IMAP folders automagically.
postfix part 2
==============
Similar to dovecot, I saved orig files in /etc/postfix, applied changes from
f14, and generated this diff -u output:
--- main.cf.orig~ 2011-06-05 12:59:48.000000000 -0400
+++ main.cf 2011-06-05 13:02:57.000000000 -0400
@@ -20,6 +20,7 @@
# is no cure for address rewriting mistakes or mail routing mistakes.
#
#soft_bounce = no
+soft_bounce = yes
# LOCAL PATHNAME INFORMATION
#
@@ -110,13 +111,13 @@
#
# Note: you need to stop/start Postfix when this parameter changes.
#
-#inet_interfaces = all
+inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
-inet_interfaces = localhost
+#inet_interfaces = localhost
# Enable IPv4, and IPv6 if supported
-inet_protocols = all
+inet_protocols = ipv4
# The proxy_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on by way of a
@@ -316,6 +317,12 @@
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
+relayhost = [127.0.0.1]:5025
+smtp_helo_name = zooty
+smtp_sasl_auth_enable = yes
+smtp_sasl_security_options =
+smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
+
# REJECTING UNKNOWN RELAY USERS
#
# The relay_recipient_maps parameter specifies optional lookup tables
@@ -557,6 +564,15 @@
#
#fast_flush_domains = $relay_domains
+smtpd_sasl_auth_enable = yes
+smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination
+smtpd_sasl_authenticated_header = yes
+smtpd_sasl_type = dovecot
+smtpd_sasl_path = private/auth
+
+smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
+smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
+
# SHOW SOFTWARE VERSION OR NOT
#
# The smtpd_banner parameter specifies the text that follows the 220
--- master.cf.orig~ 2011-06-05 13:00:05.000000000 -0400
+++ master.cf 2011-06-05 13:04:19.000000000 -0400
@@ -18,10 +18,10 @@
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
-#smtps inet n - n - - smtpd
-# -o smtpd_tls_wrappermode=yes
-# -o smtpd_sasl_auth_enable=yes
-# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+smtps inet n - n - - smtpd
+ -o smtpd_tls_wrappermode=yes
+ -o smtpd_sasl_auth_enable=yes
+ -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cp -p /fedora15/etc/pki/dovecot/certs/dovecot.pem \
/etc/pki/dovecot/certs/dovecot.pem
cp -p /fedora15/etc/pki/dovecot/private/dovecot.pem \
/etc/pki/dovecot/private/dovecot.pem
cp -rp /fedora15/etc/postfix/sasl /etc/postfix/sasl
Make sure system name is zooty.my.lan in /etc/sysconfig/network to make
postfix happy.
home directory
==============
Let's go ahead and switch back to saved home directory and make fedora 16
the master I'll run by default
In /etc/fstab add the bind mount:
/zooty/home /home none rw,bind 0 0
mv /home /home.orig
mkdir /home
In /mainboot/grub/grub.conf, switch fedora 16 entry to first in list.
reboot
user tom
========
Go ahead and turn back on tom's cron jobs:
crontab ~/profile/cron/crontab
(Seems to be working, I'm getting mail sucked up automatically
via fetchmail now).
backup & friends
================
mkdir /backup
cp -r /fedora15/root/cronscripts /root/cronscripts
edit fetch-updates script to use chroot for f15 and native for f16
edit rsync-exclude to exclude /fedora15, not /fedora16
rm -rf /backup/zooty-old
mv /backup/zooty /backup/zooty-old
mkdir -p /backup/zooty/latest
chmod 777 /backup/zooty
mv /backup/zooty-old/cb* /backup/zooty
mv /backup/zooty-old/latest/zooty /backup/zooty/latest
ln -s /root/cronscripts/rsync-backup /etc/cron.daily/zzz-rsync-backup
ln -s /root/cronscripts/fetch-updates /etc/cron.daily/fetch-updates
Also I have this to keep a snapshot of installed rpms:
ln -s /zooty/info/daily-rpm /etc/cron.daily/daily-rpm
lirc
====
cp /fedora15/etc/lirc/lircd.conf /etc/lirc/lircd.conf
chkconfig --level 35 lirc on
cp /fedora15/var/www/cgi-bin/lirc.cgi /var/www/cgi-bin/lirc.cgi
[Nah, I was just playing with this, leave it off on restore]
traffic
=======
cp /fedora15/var/www/cgi-bin/traffic-cams /var/www/cgi-bin/traffic-cams
bash bullshit
=============
Observe what happens when I hit TAB after typing cd /zoo
zooty> cd /zoobash: cd: cd: No such file or directory
/home/tom/
Another piece of crap to add to after-yum-hook:
rm -f /etc/profile.d/*completion*
printers
========
3rd party epson drivers for artisan 725:
epson-inkjet-printer-artisan-725-835-series-1.0.0-1lsb3.2.x86_64.rpm
(from http://avasys.jp/eng/linux_driver/download/lsb/epson-inkjet/escp/)
Also get required scanner packages from:
http://www.avasys.jp/lx-bin2/linux_e/spc/DL2.do
iscan-2.28.0-2.ltdl7.x86_64.rpm
iscan-data-1.12.0-3.noarch.rpm
iscan-network-nt-1.1.0-2.x86_64.rpm
cd /zooty/downloads/epson
yum install redhat-lsb-printing *.rpm [No! Don't install iscan!]
OK, now turn on the epson printer and see what happens.
Nothing (didn't really think it would auto detect a network printer
via udev :-).
Run system-config-printer and add new network printer (that found it OK).
Adjust settings to Letter rather than A4, then print test page (seems to work).
The iscan stuff doesn't work, and in fact the artisan 720 series is
absent from the list of iscan network supported scanners, so I guess
I should just remove the iscan software.
yum -C erase iscan iscan-data iscan-network-nt
The sane interface also doesn't work on the network, so I guess I
have to use the XP virtual machine if I want to scan (or just scan to
the thumb drive from the front console).
But wait!!! I found this web page which has magic voodoo for getting
scanner to work over network:
http://community.linuxmint.com/tutorial/view/465
Summary:
1. Install the iscan rpms listed above.
2. edit /etc/sane.d/epkowa.conf and fix the "net" line to read:
net epson.my.lan 1865
3. edit the /etc/sane.d/dll.conf and comment out epson2:
#epson2
4. edit /usr/share/iscan-data/fs-blacklist and comment out:
#fs-blacklist Artisan 700
By golly, after I do that, xsane seems to work!
That is until I try to scan something at high resolution, at which
point it hangs forever :-(. It works better, but I still need to use
windows to do real work...
Now add the HL-2040, use the Foomatic/hpijs-pcl5e since the one
the database says is recommended never works. Also need to
set paper size to Letter instead of A4.
That gets the two "real" printers redefined from scratch.
Now build virtual printer back ends:
cd /zooty/downloads/cups-pdf/
sh -x ./build-em (as root)
http://localhost:631/ to configure them:
pngprint (Virtual PNG image printer)
Location to disk
600 dpi
Virtual_Printer (PDF Printer)
Location Local Printer
600 dpi
done?
=====
I have nothing else to do in my list. Maybe I'm switched to f16 now?
I'll see how it goes and if I run into missing stuff...
services again
==============
Apparently I forgot to disable sendmail and enable postfix and also
forgot to enable httpd, so let's do that and comment out the new
rc.local lines I added and see if things work OK when I reboot again.
KVM disk perf
=============
I'm currently trying to compress my winxppro VM (by first expanding
it), and it is taking forever...
-rw-r--r-- 1 qemu qemu 3538087424 Nov 12 16:48 winxppro.img
-rw-r--r-- 1 qemu qemu 9181790208 Nov 12 19:49 winxppro.img
3 hours managed to write 5643702784 bytes
31,353,904.36 bytes per minute
522,565.07 bytes per second
Still got a ways to go (truely there are snails here).
-rw-r--r-- 1 qemu qemu 16061956096 Nov 12 23:19 winxppro.img
Took a total of 7 or 8 hours (don't remember as far back as when I
started :-).
Tomorrow: Move base file to winxppro.img, rescan hardware to
get audio working again, then make new winxppro.img based
on the fixed base file and run the update to recreate
all the hogs so they will have sound too.
I tried updating the scsi virtio driver and that makes windows bluescreen,
so I guess the "latest" version is too new or has bugs or something.
I tried the fedora 15 version as well (virtio-win-0.1-mm34.iso) and
it bluescreens the same way.
Yow!!! Finally got the new disk driver to install. Need to block
XP at every turn when it wants to be helpful and finally get to the
final "Have Disk" screen for driver updates and point directly
at the windows XP version of the viostor driver. Apparently the
"helpful" XP find the wrong driver and that is why the bluescreens.
Anyway, now I'm trying different options to see which one has the
best performance. My technique is to start with a totally fresh
winxppro.img file, boot up with the desired options, and run
sdelete -c in the KVM, at the same time starting the command
sleep 600 ; virsh destroy winxppro
in a root shell on the host and see how big the winxppro.img file grows
in those 10 minutes.
All default options:
-rw-r--r-- 1 root root 423296512 Nov 13 16:27 winxppro.img
With virt-manager set to cache=none mode:
-rw-r--r-- 1 root root 12813860864 Nov 13 16:44 winxppro.img
Great Googly-Moogly! I'd say cache=none is just a tad faster :-).
Let's try cache=writeback now:
-rw-r--r-- 1 root root 14574551040 Nov 13 16:58 winxppro.img
And we have a new weiner! Now let's try the final option
cache=writethrough
-rw-r--r-- 1 root root 312606720 Nov 13 17:13 winxppro.img
That option may be the same as "default", in any case, it definitely
sucks as well.
Looks like cache=writeback is my best bet.
Let's stick with writeback in KVM and now try the other options
inside the KVM.
The default inside the kvm appears to be:
Optimize for performance + Enable write cacheing on the disk
Let's uncheck the "Enable write cacheing on the disk" option and try again.
-rw-r--r-- 1 root root 14584643584 Nov 13 17:26 winxppro.img
A tiny smidge better than previous writeback test, but probably not
significant.
Now let's try the final "Optimize for quick removal" setting inside
the KVM and see what happens:
-rw-r--r-- 1 root root 14584643584 Nov 13 17:43 winxppro.img
Actually, those last two apparently ran so fast that the disk image got
completely filled with zeroes before my 10 minutes were up. Let's try them
again with only 5 minutes.
5 minute Try 1: Just writeback, no change to internal XP defaults:
-rw-r--r-- 1 root root 13242662912 Nov 13 18:09 winxppro.img
5 minute Try 2: writeback plus uncheck the "Enable write cacheing on the disk"
-rw-r--r-- 1 root root 12884901888 Nov 13 18:17 winxppro.img
5 minute Try 3: writeback plus "Optimize for quick removal"
-rw-r--r-- 1 root root 11880497152 Nov 13 18:26 winxppro.img
So it looks like my best performance is with cache=writeback in the
virtual machine definition, and default disk settings inside the
Windows XP machine itself. (Which I have now done for all my VMs).
fedora 15
=========
Chroot over to the fedora 15 partition, fiddle the symlink
documented in /etc/inittab to boot multi-user rather than
graphical.
Remove the symlinks in /etc/cron.daily added for updates and
backup
Remove the /var/spool/cron/tom crontab file.
web page
========
Fixup the /var/www/html/index.php file to be more up to date
with the current state of the system.
more crap
=========
I keep accidentally typing mc instead of mv and being jerked off into
incomprehensible curses based file manager. Make it stop:
yum -C erase mc
The log file keeps filling up with failed dbus requests to start
NetworkManager even though it is disabled. The pcscd daemon seems to be
running even though I disabled it, so I'll teach both of 'em:
yum -C erase pcsc-lite NetworkManager
Apparently the pcscd thing is more "helpful" software:
http://ludovicrousseau.blogspot.com/2011/11/pcscd-auto-start-using-systemd.html
As near as I can tell from the description in there, now that systemd
exists, anything on the system that says "I wonder if there is a smart card
reader I ought to talk to" will wind up "helpfully" starting the pcscd
service.
I used to be able to disable it, but now I have to follow up disabling
with driving a stake through its heart by completely removing it as well :-(.
systemd drivel
==============
There are tons of these messages in the log files:
Nov 18 19:59:01 zooty systemd-logind[936]: New session 413 of user tom.
Nov 18 19:59:02 zooty systemd-logind[936]: Removed session 413.
the rsyslogd filtering should be able to get rid of them:
Make a new file: /etc/rsyslog.d/systemd-drivel.conf
:programname, isequal, "systemd-logind" ~
:msg, contains, "Activating via systemd" ~
:msg, contains, "Activation via systemd failed" ~
:msg, contains, "org.freedesktop.systemd" ~
(While I was in there, tossed in a few more rules to get rid
of other less frequent but still annoying clutter messages.)
more services
=============
I see auditd running and spawning off some selinux crap. I also
see mcelog running. I don't think I need either.
/etc/default/grub - add audit=0 to kernel args
/boot/grub2/grub.cfg - do the same
chkconfig --level 12345 auditd off
chkconfig --level 12345 mcelog off
selinux
=======
Stupid selinux policy updates keep taking forever to apply. Let's
run the find-selinux script and see what I can get rid of.
These could be erased without taking the whole system with it:
yum -C erase setroubleshoot \
setroubleshoot-plugins \
setroubleshoot-server \
setools-libs \
setools-libs-python \
policycoreutils-python \
policycoreutils-sandbox \
setools-console \
selinux-policy-targeted \
checkpolicy \
policycoreutils \
selinux-policy \
policycoreutils-restorecond
Also add this to /etc/yum.conf:
exclude=selinux-policy-targeted selinux-policy
zooty disk
==========
Poor old /zooty disk up and died on me (gives me something to kill time
playing with on the Thanksgiving holiday :-). I restored the backup to
/space and renamed /space to /zooty and I'm up and running again, but I had
to redo the port of the virtual machines to f16 since I hadn't backed them
up in a while (they are backed up now :-).
Probably have more stuff I ought to install on the VMs (like the
epson artisan software, photoshop, other things).
I probably eventually want to replace it with one of those 3TB 5400 rpm
Hitachi drives with the 6GB/s interfaces, but wait a while till the prices
come back down after the flooding out of all the disk factories. (Early
guesses by CEO of Seagate is the end of 2012 before everything is normal
again).
cdrecord
========
Check out http://cdrecord.berlios.de/private/cdrecord.html for
the latest version of the real honest to gosh working cdrecord
tools, download and build from source.
unpack, cd, gmake, sudo gmake install
Everything is now under /opt/schily/bin
/bin/bash
=========
There was a bug in the initial bash rpm shipped with fedora that
removed /bin/bash from /etc/shells even on an update.
yum reinstall bash
will reinstall bash from scratch and fix /etc/shells.
libreoffice
===========
yum install libpaper
echo Letter > /etc/papersize
At last! Furshlugginer libreoffice paper size finally defaults to Letter!
firefox
-------
This stuff was all inherited by restoring home directory, but the
details are left here in case I need them again (like just now when
I found I had to make a new ~/.mozilla directory to get the weather
radar to function again).
greasemonkey and the autocomplete on greasemonkey script fix problem
with ccur webmail.
Also need to install the Sidebar Bookmark Selector addon in order to
get rid of annoying crap developers decided I needed in the bookmarks
sidebar window.
Found the "My Stuff" bookmarks were stashed up in the bookmarks toolbar
I was able to get rid of with the above addon. Created a real "My Stuff"
folder and moved them to it. Now all my bookmarks are back.
Eradicate stoopid bookmark search box in sidebar:
cat > ~/.mozilla/firefox/*.default/chrome/userChrome.css
/* Bookmarks sidebar: hide "Search:" */
#bookmarksPanel > hbox { display: none !important }
^D
In about:config
set browser.startup.homepage_override.mstone to "ignore"
to stop annoying "what's new" page popup on every update.
set browser.sessionstore.resume_from_crash to false
to stop annoying "reload session?" popup after abnormal termination.
set browser.tabs.insertRelatedAfterCurrent to false
to stop insane tab ordering
set browser.urlbar.formatting.enabled = false
to stop blindness when reading address
set browser.urlbar.trimURLs = false
to leave all the fucking information in place
set browser.tabs.autoHide = true
to get rid of tab when I only have one
look for ipv6 config and disable it as well (runs faster and better sometimes).
GACK! Firefox be busted in f13. If I try to install "too many"
plugins it just starts exiting with status 1. It works with
just the flash plugin. Looks like the culprit is greasemonkey.
This was a bug with symlinks, changed /home to a bind mount
of /zooty/home instead of a symlink.
Friday the 13th
===============
Grrr Aargh - came home Friday Apr 13, 2012 and the SSD disk was
scrogged. Tried powering off and back on and it worked for a while
then failed again.
So I swapped in a disk from one of the other systems I never
actually use (rebo) and reinstalled f16 on it.
When trying to restore everything, I noted that mail was screwed up because
I don't have /usr/local/bin/dannyboy and /usr/local/bin/trollfilter
installed. I need to add them to the build all script.
P.S. This turned out to be the infamous 5184 hours of operation
bug in the 0009 firmware for the Crucial SSD drive (and my drive
was running that long right on Friday the 13th :-).
New firmware got it going again, so SSD drive is back in zooty.
Looks like I also left isopack out of my list. Need to add it to buildall.
AVRISP mkII
===========
Need to add /etc/udev/rules.d/60-avrisp.rules:
SUBSYSTEM!="usb_device", ACTION!="add", GOTO="avrisp_end"
# Atmel Corp. JTAG ICE mkII
ATTR{idVendor}=="03eb", ATTR{idProduct}=="2103", MODE="660", GROUP="dialout"
# Atmel Corp. AVRISP mkII
ATTR{idVendor}=="03eb", ATTR{idProduct}=="2104", MODE="660", GROUP="dialout"
# Atmel Corp. Dragon
ATTR{idVendor}=="03eb", ATTR{idProduct}=="2107", MODE="660", GROUP="dialout"
LABEL="avrisp_end"
avrdude can't see programmer otherwise.
On a related note: Turns out I also have to provide power to the arduino
board for the programmer to work.