Installing final Fedora 16 ========================== Used hard disk install technique, fetching the initrd.img and vmlinuz files from the x86_64 DVD iso image (isolinux directory) and stashing them in /mainboot/f16. Then in the /mainboot/grub/grub.conf file added these entries: title Fedora 16 x86_64 rootnoverify (hd0,2) chainloader +1 title Install Fedora 16 x86_64 root (hd0,0) kernel /f16/vmlinuz repo=hd:LABEL=ZOOTY:/salvage/iso-images/Fedora-16-x86_64-DVD/ initrd /f16/initrd.img Commented out the entry for the /fedora16 mountpoint in /etc/fstab, then rebooted and selected the "Install Fedora 16 x86_64" grub menu item. That boots the anaconda installer, and once in the installer, found the partition labeled FEDORA16 and reformatted and installed to it. Once the initial install was finished, booted back into fedora 15. Have not yet run firstboot in f16. Relabel the fedora 16 partition (which anaconda erased the label of when installing) as FEDORA16 and remount it on /fedora16. Initial package snapshot ======================== As an aid to see what extra junk I wind up installing when I want to know what to add to fedora 17 in 6 months, used chroot to get to the /fedora16 partition and run: rpm -q --qf "%{NAME}.%{ARCH}\n" -a > /zooty/info/f16-install-rpms.txt Before firstboot ================ NOTE: I have a /zooty/projects/zeroboot/ directory now with a much more spiffed version of a zeroboot.sh script to run instead of this. As root, run: /zooty/info/zerothboot.sh /fedora16 Manually fix /fedora16/boot/grub2/grub.cfg to remove junk generated by os prober (between /etc/grub.d/30_os-prober lines). Manually fix /fedora16/etc/default/grub to add the line GRUB_DISABLE_OS_PROBER="true" Also change sun16 to sun32 in both files. Firstboot ========= Go ahead and boot f16 for first time after install now. During firstboot, define user tom as uid 2304, gid 100 (users). After logging in run (as root) dracut --force This will get the sun32 font into the initial ramdisk so the fonts will look right during boot from now on. yum install yum-plugin-downloadonly yum -y --skip-broken update That gets all the initial updates loaded. Got this error: Updating : 2:qemu-common-0.15.1-1.fc16.x86_64 32/174 Non-fatal POSTIN scriptlet failure in rpm package 2:qemu-common-0.15.1-1.fc16.x86_64 Operation failed: No such file or directory Operation failed: No such file or directory warning: %post(qemu-common-2:0.15.1-1.fc16.x86_64) scriptlet failed, exit status 1 yum -C erase grub ccache evolution evolution-NetworkManager \ evolution-data-server-devel evolution-help nspluginwrapper emacs ===== For ~tom and ~root directories: rm -f .emacs profile ln -s /zooty/home/tom/.emacs . ln -s /zooty/home/tom/profile . Now my fingers know how to work when running emacs as tom or as root. repos ===== http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm http://redhawk.ccur.com/nightstar-lx/ccur-nstar-lx-redhat-repo-4.2-1.noarch.rpm /zooty/downloads/adobe/adobe-release-i386-1.0-1.noarch.rpm /zooty/downloads/adobe/adobe-release-x86_64-1.0-1.noarch.rpm Install software ================ The file f16-rpms.txt is left over from beta f16 and is the last set of rpms I recorded having, so it is a good starting place for missing rpms. sort < /zooty/info/f16-install-rpms.txt > /tmp/base.txt sort < /zooty/info/f16-rpms.txt > /tmp/extra.txt comm -13 /tmp/base.txt /tmp/extra.txt > /tmp/missing.txt Edit that missing set to remove fonts (got too many of them anyway) and all the ccur-* packages and adobe packages. Just install the rpmfusion repos then do: yum -y --skip-broken install `cat /tmp/missing.txt` Got a couple of errors (I guess things changed since the beta): Setting up Install Process No package gdm-plugin-fingerprint.x86_64 available. Package kpackagekit-0.6.3.3-2.fc15.x86_64 is obsoleted by apper-0.7.1-0.4.20111021.fc16.x86_64 which is already installed Package openoffice.org-voikko-3.1.2-5.fc16.x86_64 is obsoleted by libreoffice-voikko-3.2-4.fc16.x86_64 which is already installed I should have enough 32 bit libs installed now for it to be safe to install the adobe and ccur stuff and not drag in a 32 bit lib from an undesirable source. yum --nogpg install \ http://redhawk.ccur.com/nightstar-lx/ccur-nstar-lx-redhat-repo-4.2-1.noarch.rpm \ /zooty/downloads/adobe/adobe-release-i386-1.0-1.noarch.rpm \ /zooty/downloads/adobe/adobe-release-x86_64-1.0-1.noarch.rpm yum -y install AdobeReader_enu flash-plugin.x86_64 ccur-NightStar-LX rpm -q --qf "%{NAME}.%{ARCH}\n" -a > /zooty/info/f16-round1-rpms.txt OK, time to boot back into f15 and see what's been happening on the mail front and wot-not... OK, I'm back in f15. Let's do this: rpm -q --qf "%{NAME}.%{ARCH}\n" -a > /zooty/info/f15-rpms.txt comm -13 /zooty/info/f16-round1-rpms.txt /zooty/info/f15-rpms.txt > \ /zooty/info/f16-missing.txt I don't actually see anything in that list that I can get from a repo. The only missing stuff are things that are different in f16 or that I know I have to get from a specail source. (nxclient from nomachine, gkrellm from download directory, libdvdcss build from source, etc). ssh === cp /etc/ssh/*key* /fedora16/etc/ssh/*key* (zeroboot script did this already) merge setting from /etc/ssh/sshd_config into /fedora16 version. cp /fedora15/etc/*hamster*.txt /etc/ networking ========== First remove the useless nat networking from libvirtd. virsh net-destroy default virsh net-undefine default Then reproduce the bridge setup from fedora 15: cp /fedora15/etc/sysconfig/network-scripts/ifcfg-p6p1 \ /etc/sysconfig/network-scripts/ifcfg-p6p1 cp /fedora15/etc/sysconfig/network-scripts/ifcfg-br0 \ /etc/sysconfig/network-scripts/ifcfg-br0 chkconfig --level 35 network on chkconfig --level 12345 NetworkManager off cp /fedora15/etc/sysconfig/iptables /etc/sysconfig/iptables cp /fedora15/etc/sysconfig/ip6tables /etc/sysconfig/ip6tables cp /fedora15/etc/hosts.allow /etc/hosts.allow cp /fedora15/etc/hosts.deny /etc/hosts.deny cp /fedora15/etc/resolv.conf* /etc cp /fedora15/etc/hosts /etc reboot to make this all take effect libdvdcss ========= as user tom: cp /zooty/home/tom/.rpmmacros ~/ rpm -ihv /zooty/downloads/libdvdcss-1.2.10-1.src.rpm cd /zooty/build/rpmbuild/SPECS rpmbuild -bb libdvdcss.spec As root: yum --nogpg install /zooty/build/rpmbuild/RPMS/x86_64/libdvdcss-1.2.10-1.x86_64.rpm more user tom stuff =================== cd ~/ cp -rp /zooty/home/tom/.ssh .ssh (Greet! After waiting 30 seconds, the ssh forwarded link to work is back up again). build tools =========== cd /zooty/info ./build-all.sh (The above can be done via the ~/cronscripts/do-zooty-chroot script as well without booting into new partition). NOTE: Really need to add trollfilter and dannyboy to the build (mail don't work without them) Might want to add cdrtools as well. systemd ======= Let's try to keep system log from filling the disk :-). /etc/systemd/system.conf set LogLevel to "err" services ======== Things are moving more into systemd in f16, but let's see what we have still under chkconfig: chkconfig --level 12345 iscsi off chkconfig --level 12345 iscsid off chkconfig --level 12345 libvirt-guests off chkconfig --level 12345 nslm off chkconfig --level 12345 openct off chkconfig --level 12345 sandbox off Now for systemd services which are near impossible to query... The best you can do is: ls /etc/systemd/system/*.wants/*.service systemctl disable bluetooth.service systemctl disable abrt-ccpp.service systemctl disable abrtd.service systemctl disable abrt-oops.service systemctl disable abrt-vmcore.service systemctl disable avahi-daemon.service systemctl disable chronyd.service systemctl disable mdmonitor.service systemctl disable lvm2-monitor.service systemctl disable mdmonitor-takeover.service Having disabled chronyd, need to enable ntp: Uncomment the "restrict 192.168.1.0" line in /etc/ntp.conf so local systems can ask zooty for the time of day. chkconfig --level 35 ntpd on Let's see if things still work after reboot (seem to be OK). nomachine nxclient ================== Check out the nomachine web page for latest nxclient. yum --nogpg install \ http://64.34.161.181/download/3.5.0/Linux/nxclient-3.5.0-7.x86_64.rpm gkrellm themes ============== yum localinstall /zooty/downloads/gkrellm-themes-2.1.9-4.noarch.rpm nfs === cp /fedora15/etc/exports /etc/exports Which looks like this: /zooty 192.168.1.0/24(rw,sync) systemctl enable nfs-server.service Note: On kvm or other client machine, add this fstab entry: zooty:/zooty /zooty nfs rw samba ===== cp /fedora15/etc/samba/smb.conf /etc/samba/smb.conf systemctl enable smb.service systemctl enable nmb.service user root ========= cd ~root cp -r /fedora15/root/.ssh .ssh fonts ===== OMG! The world's most important hint!!!! Make fonts readable again: cd /etc/fonts/conf.d/ ln -s ../conf.avail/10-autohint.conf . Font designers apparently live in a world of $20,000 300 DPI displays and the font rendering they specify is optimized for them. Turning on autohinting (which is what linking in that config file does) makes the computer decide how to render the fonts rather than following the instructions only someone with a 300 DPI display could love. You can also run dconf-editor and find something like org.gnome.desktop.interface and change the default fonts from the new Cantarell to something like DejaVu Sans. Finally, there is the "Theme Font & Size Changer" add on for firefox which allows you to bump the size of the microscopic fonts that are in the default firefox theme. sudoers ======= cp /fedora15/etc/sudoers /etc/sudoers truecrypt (a.k.a realcrypt) =========================== cp /fedora15/usr/bin/truecrypt /usr/bin/truecrypt That installs this script: #!/bin/bash # unset DISPLAY exec /usr/sbin/realcrypt -t "$@" Still need the service script to make sure all mounted volumes get unmounted when I reboot. cp /fedora15/etc/rc.d/init.d/truecrypt /etc/rc.d/init.d/truecrypt chkconfig --add truecrypt service truecrypt start mkdir /secure Seems to work OK. postfix part 1 ============== service sendmail stop edit /etc/aliases and make tom be the final alias for root newaliases alternatives --config mta (select # corresponding to postfix) chkconfig --level 2345 postfix on service postfix start lm_sensors ========== sensors-detect hddtemp ======= service hddtemp start chkconfig --level 2345 hddtemp on APC ups ======= It is detected by gnome-power-manager, but that doesn't seem to help it shutdown cleanly. For that need to: service apcupsd start chkconfig --level 2345 apcupsd on (the default config file in /etc/apcupsd seems to be reasonable). pptp ==== pptpsetup --create ccur --server vpnflc.ccur.com --username tomh --password

cp /fedora16/etc/rc.d/init.d/novpn /etc/rc.d/init.d/ chkconfig --add novpn Hey! I should add that novpn script to the zeroboot script! recover comment in the /etc/ppp/peers/ccur file about alternate servers sillycalc ========= cp /fedora15/usr/local/bin/sillycalc /usr/local/bin anacron ======= anacron is now installed along with cronie so you can't just remove anything Make sure to run /usr/local/bin/fix-anacron cp /fedora15/etc/crontab /etc/crontab That restores the crontab file from fedora 14 that runs the hourly, daily, weekly, etc jobs at fixed times dammit. service crond restart afteryum ======== cp /zooty/info/afteryum.py /usr/lib/yum-plugins/afteryum.py cp /zooty/info/afteryum.conf /etc/yum/pluginconf.d/afteryum.conf logwatch ======== Do initial run of /usr/local/bin/fix-logwatch fix ugly cursors ================ yum install bluecurve-cursor-theme (did that already) Fix in two places: Edit /usr/share/icons/default/index.theme Change to say: Inherits=Bluecurve Run dconf-editor, goto org.gnome.desktop.interface change cursor theme to Bluecurve GTK style ========= run /usr/local/bin/fix-Adwaita more crap ========= rm -f /etc/profile.d/color* /etc/profile.d/PackageKit* /etc/profile.d/vim* (That gets run in the yum hook, but run it now just to get them all). ksm === Latest virt updates brought ksm and ksmtuned back as explicit services, so now I can turn them off: chkconfig --level 12345 ksmtuned off chkconfig --level 12345 ksm off stunnel ======= useradd -c 'Stunnel User' -d /var/run/stunnel -M -r -s /sbin/nologin stunnel mkdir -p /var/run/stunnel chown stunnel:stunnel /var/run/stunnel cp /fedora15/etc/rc.d/init.d/stunnel /etc/rc.d/init.d/stunnel cp /fedora15/etc/stunnel/stunnel.conf /etc/stunnel/stunnel.conf chkconfig --add stunnel GAAH! This doesn't seem to be starting correctly with systemd. I always have to do a service stunnel restart after the system is up. Something else to move to rc.local I guess... rc.local ======== Pick up custom stuff from /fedora15/etc/rc.local Note that rc.local moved from /etc to /etc/rc.d/ Sigh. Seems like postfix doesn't work after a reboot, add a line to restart postfix after a delay to go with the line already there that restarts stunnel. [Seems to work now - I can send mail immediately after a reboot]. I think I forgot to turn on the postfix service, but if I make sure it is enabled, it still doesn't work. It doesn't show any errors in the maillog, but it also can't send mail. Restarting it in rc.local makes it work OK. Gah! httpd isn't working after reboot either. Add it to rc.local as well. [and once again, it is now functioning correctly]. Actually, I forgot to turn on httpd. If I enable it, it does work OK at boot time :-). namedprime ========== Maybe this service I have in f14 will help get stunnel working? It looks up the names stunnel is gonna lookup early. cp /fedora15/etc/rc.d/init.d/namedprime /etc/rc.d/init.d/namedprime chkconfig --add namedprime nx == I'm using the repos for the nx server now, and nomachine for the nxclient rpm, but need to retrieve the custom keys from f13 partition: cd /etc/nxserver/ cp /fedora15/etc/nxserver/* . cert ==== Copy /etc/pki/dovecot/dovecot-openssl.cnf from old release in case I need to re-gen certs cp /fedora15/etc/pki/dovecot/dovecot-openssl.cnf \ /etc/pki/dovecot/dovecot-openssl.cnf Remember how to make new cert: rm -f /etc/pki/dovecot/certs/dovecot.pem rm -f /etc/pki/dovecot/private/dovecot.pem export SSLDIR=/etc/pki/dovecot export OPENSSLCONFIG=/etc/pki/dovecot/dovecot-openssl.cnf /usr/libexec/dovecot/mkcert.sh virtual machines ================ cd /etc/libvirt/qemu cp /fedora15/etc/libvirt/qemu/*.xml . service libvirtd restart Gah! Windows XP machine thinks the video hardware has changed. I submitted a bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=753437 httpd ===== cp /fedora15/etc/httpd/conf.d/zooty.conf /etc/httpd/conf.d/zooty.conf Add this bind mount to fstab: /zooty/web-content/html /var/www/html none rw,bind 0 0 service httpd start chkconfig --level 2345 httpd on Found another one: Change the IgnoreIndex setting so I can see all the damn files (why README files are hidden by default is more than I can imagine). dovecot ======= Saved original files from /etc/dovecot/conf.d/ directory in .orig~ backup files, then modified the files to match the same changes I made in f14 comparing the files in emacs to see what differences matter and what were just updated comments in new f15 versions. That process generated these changes in diff -u format: --- 10-auth.conf 2011-06-05 12:33:47.000000000 -0400 +++ 10-auth.conf 2011-06-05 12:37:10.000000000 -0400 @@ -121,7 +121,7 @@ !include auth-system.conf.ext #!include auth-sql.conf.ext #!include auth-ldap.conf.ext -#!include auth-passwdfile.conf.ext +!include auth-passwdfile.conf.ext #!include auth-checkpassword.conf.ext #!include auth-vpopmail.conf.ext #!include auth-static.conf.ext --- 10-mail.conf 2011-06-05 12:34:02.000000000 -0400 +++ 10-mail.conf 2011-06-05 12:37:52.000000000 -0400 @@ -28,6 +28,7 @@ # # #mail_location = +mail_location = maildir:~/Maildir # If you need to set multiple mailbox locations or want to change default # namespace settings, you can do it by defining namespace sections. --- 10-master.conf 2011-06-05 12:34:16.000000000 -0400 +++ 10-master.conf 2011-06-05 12:40:01.000000000 -0400 @@ -78,16 +78,17 @@ # permissions make it readable only by root, but you may need to relax these # permissions. Users that have access to this socket are able to get a list # of all usernames and get results of everyone's userdb lookups. - unix_listener auth-userdb { + #unix_listener auth-userdb { #mode = 0600 #user = #group = - } + #} # Postfix smtp-auth - #unix_listener /var/spool/postfix/private/auth { - # mode = 0666 - #} + unix_listener /var/spool/postfix/private/auth { + mode = 0660 + user = postfix + } # Auth process is run as this user. #user = $default_internal_user --- 10-ssl.conf 2011-06-05 12:34:37.000000000 -0400 +++ 10-ssl.conf 2011-06-05 12:40:46.000000000 -0400 @@ -4,6 +4,7 @@ # SSL/TLS support: yes, no, required. #ssl = yes +ssl = yes # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but --- 15-lda.conf 2011-06-05 12:34:55.000000000 -0400 +++ 15-lda.conf 2011-06-05 12:43:04.000000000 -0400 @@ -5,6 +5,7 @@ # Address to use when sending rejection mails. # Default is postmaster@. #postmaster_address = +postmaster_address = postmaster@example.com # Hostname to use in various parts of sent mails, eg. in Message-Id. # Default is the system's real hostname. @@ -44,5 +45,5 @@ protocol lda { # Space separated list of plugins to load (default is global mail_plugins). - #mail_plugins = $mail_plugins + mail_plugins = $mail_plugins sieve } --- auth-passwdfile.conf.ext 2011-06-05 12:35:16.000000000 -0400 +++ auth-passwdfile.conf.ext 2011-06-05 12:45:06.000000000 -0400 @@ -5,10 +5,10 @@ passdb { driver = passwd-file - args = scheme=CRYPT username_format=%u /etc/dovecot/users + args = /etc/dovecot.pass } -userdb { - driver = passwd-file - args = username_format=%u /etc/dovecot/users -} +#userdb { + #driver = passwd-file + #args = username_format=%u /etc/dovecot/users +#} --- auth-system.conf.ext 2011-06-05 12:35:33.000000000 -0400 +++ auth-system.conf.ext 2011-06-05 12:46:32.000000000 -0400 @@ -7,12 +7,12 @@ # PAM is typically used with either userdb passwd or userdb static. # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM # authentication to actually work. -passdb { - driver = pam +#passdb { + #driver = pam # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=] # [cache_key=] [] #args = dovecot -} +#} # System users (NSS, /etc/passwd, or similiar). # In many systems nowadays this uses Name Service Switch, which is On f16 dovecot screamed about imaps and pop3s, in dovecot.conf fix the protocols line to read: protocols = imap pop3 lmtp Then salvaged files and settings from f14: cp -p /fedora15/etc/dovecot.pass /etc/dovecot.pass chkconfig --level 2345 dovecot on If I reclaim old home directory, this will be preserved, but should note these setting are also required: Setup ~/.forward to contain the line: | /usr/local/bin/bogoliver Setup ~/.dovecot.sieve to contain filtering tests to classify mail into different IMAP folders automagically. postfix part 2 ============== Similar to dovecot, I saved orig files in /etc/postfix, applied changes from f14, and generated this diff -u output: --- main.cf.orig~ 2011-06-05 12:59:48.000000000 -0400 +++ main.cf 2011-06-05 13:02:57.000000000 -0400 @@ -20,6 +20,7 @@ # is no cure for address rewriting mistakes or mail routing mistakes. # #soft_bounce = no +soft_bounce = yes # LOCAL PATHNAME INFORMATION # @@ -110,13 +111,13 @@ # # Note: you need to stop/start Postfix when this parameter changes. # -#inet_interfaces = all +inet_interfaces = all #inet_interfaces = $myhostname #inet_interfaces = $myhostname, localhost -inet_interfaces = localhost +#inet_interfaces = localhost # Enable IPv4, and IPv6 if supported -inet_protocols = all +inet_protocols = ipv4 # The proxy_interfaces parameter specifies the network interface # addresses that this mail system receives mail on by way of a @@ -316,6 +317,12 @@ #relayhost = uucphost #relayhost = [an.ip.add.ress] +relayhost = [127.0.0.1]:5025 +smtp_helo_name = zooty +smtp_sasl_auth_enable = yes +smtp_sasl_security_options = +smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd + # REJECTING UNKNOWN RELAY USERS # # The relay_recipient_maps parameter specifies optional lookup tables @@ -557,6 +564,15 @@ # #fast_flush_domains = $relay_domains +smtpd_sasl_auth_enable = yes +smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination +smtpd_sasl_authenticated_header = yes +smtpd_sasl_type = dovecot +smtpd_sasl_path = private/auth + +smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem +smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem + # SHOW SOFTWARE VERSION OR NOT # # The smtpd_banner parameter specifies the text that follows the 220 --- master.cf.orig~ 2011-06-05 13:00:05.000000000 -0400 +++ master.cf 2011-06-05 13:04:19.000000000 -0400 @@ -18,10 +18,10 @@ # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - n - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +smtps inet n - n - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - n - - qmqpd pickup fifo n - n 60 1 pickup cp -p /fedora15/etc/pki/dovecot/certs/dovecot.pem \ /etc/pki/dovecot/certs/dovecot.pem cp -p /fedora15/etc/pki/dovecot/private/dovecot.pem \ /etc/pki/dovecot/private/dovecot.pem cp -rp /fedora15/etc/postfix/sasl /etc/postfix/sasl Make sure system name is zooty.my.lan in /etc/sysconfig/network to make postfix happy. home directory ============== Let's go ahead and switch back to saved home directory and make fedora 16 the master I'll run by default In /etc/fstab add the bind mount: /zooty/home /home none rw,bind 0 0 mv /home /home.orig mkdir /home In /mainboot/grub/grub.conf, switch fedora 16 entry to first in list. reboot user tom ======== Go ahead and turn back on tom's cron jobs: crontab ~/profile/cron/crontab (Seems to be working, I'm getting mail sucked up automatically via fetchmail now). backup & friends ================ mkdir /backup cp -r /fedora15/root/cronscripts /root/cronscripts edit fetch-updates script to use chroot for f15 and native for f16 edit rsync-exclude to exclude /fedora15, not /fedora16 rm -rf /backup/zooty-old mv /backup/zooty /backup/zooty-old mkdir -p /backup/zooty/latest chmod 777 /backup/zooty mv /backup/zooty-old/cb* /backup/zooty mv /backup/zooty-old/latest/zooty /backup/zooty/latest ln -s /root/cronscripts/rsync-backup /etc/cron.daily/zzz-rsync-backup ln -s /root/cronscripts/fetch-updates /etc/cron.daily/fetch-updates Also I have this to keep a snapshot of installed rpms: ln -s /zooty/info/daily-rpm /etc/cron.daily/daily-rpm lirc ==== cp /fedora15/etc/lirc/lircd.conf /etc/lirc/lircd.conf chkconfig --level 35 lirc on cp /fedora15/var/www/cgi-bin/lirc.cgi /var/www/cgi-bin/lirc.cgi [Nah, I was just playing with this, leave it off on restore] traffic ======= cp /fedora15/var/www/cgi-bin/traffic-cams /var/www/cgi-bin/traffic-cams bash bullshit ============= Observe what happens when I hit TAB after typing cd /zoo zooty> cd /zoobash: cd: cd: No such file or directory /home/tom/ Another piece of crap to add to after-yum-hook: rm -f /etc/profile.d/*completion* printers ======== 3rd party epson drivers for artisan 725: epson-inkjet-printer-artisan-725-835-series-1.0.0-1lsb3.2.x86_64.rpm (from http://avasys.jp/eng/linux_driver/download/lsb/epson-inkjet/escp/) Also get required scanner packages from: http://www.avasys.jp/lx-bin2/linux_e/spc/DL2.do iscan-2.28.0-2.ltdl7.x86_64.rpm iscan-data-1.12.0-3.noarch.rpm iscan-network-nt-1.1.0-2.x86_64.rpm cd /zooty/downloads/epson yum install redhat-lsb-printing *.rpm [No! Don't install iscan!] OK, now turn on the epson printer and see what happens. Nothing (didn't really think it would auto detect a network printer via udev :-). Run system-config-printer and add new network printer (that found it OK). Adjust settings to Letter rather than A4, then print test page (seems to work). The iscan stuff doesn't work, and in fact the artisan 720 series is absent from the list of iscan network supported scanners, so I guess I should just remove the iscan software. yum -C erase iscan iscan-data iscan-network-nt The sane interface also doesn't work on the network, so I guess I have to use the XP virtual machine if I want to scan (or just scan to the thumb drive from the front console). But wait!!! I found this web page which has magic voodoo for getting scanner to work over network: http://community.linuxmint.com/tutorial/view/465 Summary: 1. Install the iscan rpms listed above. 2. edit /etc/sane.d/epkowa.conf and fix the "net" line to read: net epson.my.lan 1865 3. edit the /etc/sane.d/dll.conf and comment out epson2: #epson2 4. edit /usr/share/iscan-data/fs-blacklist and comment out: #fs-blacklist Artisan 700 By golly, after I do that, xsane seems to work! That is until I try to scan something at high resolution, at which point it hangs forever :-(. It works better, but I still need to use windows to do real work... Now add the HL-2040, use the Foomatic/hpijs-pcl5e since the one the database says is recommended never works. Also need to set paper size to Letter instead of A4. That gets the two "real" printers redefined from scratch. Now build virtual printer back ends: cd /zooty/downloads/cups-pdf/ sh -x ./build-em (as root) http://localhost:631/ to configure them: pngprint (Virtual PNG image printer) Location to disk 600 dpi Virtual_Printer (PDF Printer) Location Local Printer 600 dpi done? ===== I have nothing else to do in my list. Maybe I'm switched to f16 now? I'll see how it goes and if I run into missing stuff... services again ============== Apparently I forgot to disable sendmail and enable postfix and also forgot to enable httpd, so let's do that and comment out the new rc.local lines I added and see if things work OK when I reboot again. KVM disk perf ============= I'm currently trying to compress my winxppro VM (by first expanding it), and it is taking forever... -rw-r--r-- 1 qemu qemu 3538087424 Nov 12 16:48 winxppro.img -rw-r--r-- 1 qemu qemu 9181790208 Nov 12 19:49 winxppro.img 3 hours managed to write 5643702784 bytes 31,353,904.36 bytes per minute 522,565.07 bytes per second Still got a ways to go (truely there are snails here). -rw-r--r-- 1 qemu qemu 16061956096 Nov 12 23:19 winxppro.img Took a total of 7 or 8 hours (don't remember as far back as when I started :-). Tomorrow: Move base file to winxppro.img, rescan hardware to get audio working again, then make new winxppro.img based on the fixed base file and run the update to recreate all the hogs so they will have sound too. I tried updating the scsi virtio driver and that makes windows bluescreen, so I guess the "latest" version is too new or has bugs or something. I tried the fedora 15 version as well (virtio-win-0.1-mm34.iso) and it bluescreens the same way. Yow!!! Finally got the new disk driver to install. Need to block XP at every turn when it wants to be helpful and finally get to the final "Have Disk" screen for driver updates and point directly at the windows XP version of the viostor driver. Apparently the "helpful" XP find the wrong driver and that is why the bluescreens. Anyway, now I'm trying different options to see which one has the best performance. My technique is to start with a totally fresh winxppro.img file, boot up with the desired options, and run sdelete -c in the KVM, at the same time starting the command sleep 600 ; virsh destroy winxppro in a root shell on the host and see how big the winxppro.img file grows in those 10 minutes. All default options: -rw-r--r-- 1 root root 423296512 Nov 13 16:27 winxppro.img With virt-manager set to cache=none mode: -rw-r--r-- 1 root root 12813860864 Nov 13 16:44 winxppro.img Great Googly-Moogly! I'd say cache=none is just a tad faster :-). Let's try cache=writeback now: -rw-r--r-- 1 root root 14574551040 Nov 13 16:58 winxppro.img And we have a new weiner! Now let's try the final option cache=writethrough -rw-r--r-- 1 root root 312606720 Nov 13 17:13 winxppro.img That option may be the same as "default", in any case, it definitely sucks as well. Looks like cache=writeback is my best bet. Let's stick with writeback in KVM and now try the other options inside the KVM. The default inside the kvm appears to be: Optimize for performance + Enable write cacheing on the disk Let's uncheck the "Enable write cacheing on the disk" option and try again. -rw-r--r-- 1 root root 14584643584 Nov 13 17:26 winxppro.img A tiny smidge better than previous writeback test, but probably not significant. Now let's try the final "Optimize for quick removal" setting inside the KVM and see what happens: -rw-r--r-- 1 root root 14584643584 Nov 13 17:43 winxppro.img Actually, those last two apparently ran so fast that the disk image got completely filled with zeroes before my 10 minutes were up. Let's try them again with only 5 minutes. 5 minute Try 1: Just writeback, no change to internal XP defaults: -rw-r--r-- 1 root root 13242662912 Nov 13 18:09 winxppro.img 5 minute Try 2: writeback plus uncheck the "Enable write cacheing on the disk" -rw-r--r-- 1 root root 12884901888 Nov 13 18:17 winxppro.img 5 minute Try 3: writeback plus "Optimize for quick removal" -rw-r--r-- 1 root root 11880497152 Nov 13 18:26 winxppro.img So it looks like my best performance is with cache=writeback in the virtual machine definition, and default disk settings inside the Windows XP machine itself. (Which I have now done for all my VMs). fedora 15 ========= Chroot over to the fedora 15 partition, fiddle the symlink documented in /etc/inittab to boot multi-user rather than graphical. Remove the symlinks in /etc/cron.daily added for updates and backup Remove the /var/spool/cron/tom crontab file. web page ======== Fixup the /var/www/html/index.php file to be more up to date with the current state of the system. more crap ========= I keep accidentally typing mc instead of mv and being jerked off into incomprehensible curses based file manager. Make it stop: yum -C erase mc The log file keeps filling up with failed dbus requests to start NetworkManager even though it is disabled. The pcscd daemon seems to be running even though I disabled it, so I'll teach both of 'em: yum -C erase pcsc-lite NetworkManager Apparently the pcscd thing is more "helpful" software: http://ludovicrousseau.blogspot.com/2011/11/pcscd-auto-start-using-systemd.html As near as I can tell from the description in there, now that systemd exists, anything on the system that says "I wonder if there is a smart card reader I ought to talk to" will wind up "helpfully" starting the pcscd service. I used to be able to disable it, but now I have to follow up disabling with driving a stake through its heart by completely removing it as well :-(. systemd drivel ============== There are tons of these messages in the log files: Nov 18 19:59:01 zooty systemd-logind[936]: New session 413 of user tom. Nov 18 19:59:02 zooty systemd-logind[936]: Removed session 413. the rsyslogd filtering should be able to get rid of them: Make a new file: /etc/rsyslog.d/systemd-drivel.conf :programname, isequal, "systemd-logind" ~ :msg, contains, "Activating via systemd" ~ :msg, contains, "Activation via systemd failed" ~ :msg, contains, "org.freedesktop.systemd" ~ (While I was in there, tossed in a few more rules to get rid of other less frequent but still annoying clutter messages.) more services ============= I see auditd running and spawning off some selinux crap. I also see mcelog running. I don't think I need either. /etc/default/grub - add audit=0 to kernel args /boot/grub2/grub.cfg - do the same chkconfig --level 12345 auditd off chkconfig --level 12345 mcelog off selinux ======= Stupid selinux policy updates keep taking forever to apply. Let's run the find-selinux script and see what I can get rid of. These could be erased without taking the whole system with it: yum -C erase setroubleshoot \ setroubleshoot-plugins \ setroubleshoot-server \ setools-libs \ setools-libs-python \ policycoreutils-python \ policycoreutils-sandbox \ setools-console \ selinux-policy-targeted \ checkpolicy \ policycoreutils \ selinux-policy \ policycoreutils-restorecond Also add this to /etc/yum.conf: exclude=selinux-policy-targeted selinux-policy zooty disk ========== Poor old /zooty disk up and died on me (gives me something to kill time playing with on the Thanksgiving holiday :-). I restored the backup to /space and renamed /space to /zooty and I'm up and running again, but I had to redo the port of the virtual machines to f16 since I hadn't backed them up in a while (they are backed up now :-). Probably have more stuff I ought to install on the VMs (like the epson artisan software, photoshop, other things). I probably eventually want to replace it with one of those 3TB 5400 rpm Hitachi drives with the 6GB/s interfaces, but wait a while till the prices come back down after the flooding out of all the disk factories. (Early guesses by CEO of Seagate is the end of 2012 before everything is normal again). cdrecord ======== Check out http://cdrecord.berlios.de/private/cdrecord.html for the latest version of the real honest to gosh working cdrecord tools, download and build from source. unpack, cd, gmake, sudo gmake install Everything is now under /opt/schily/bin /bin/bash ========= There was a bug in the initial bash rpm shipped with fedora that removed /bin/bash from /etc/shells even on an update. yum reinstall bash will reinstall bash from scratch and fix /etc/shells. libreoffice =========== yum install libpaper echo Letter > /etc/papersize At last! Furshlugginer libreoffice paper size finally defaults to Letter! firefox ------- This stuff was all inherited by restoring home directory, but the details are left here in case I need them again (like just now when I found I had to make a new ~/.mozilla directory to get the weather radar to function again). greasemonkey and the autocomplete on greasemonkey script fix problem with ccur webmail. Also need to install the Sidebar Bookmark Selector addon in order to get rid of annoying crap developers decided I needed in the bookmarks sidebar window. Found the "My Stuff" bookmarks were stashed up in the bookmarks toolbar I was able to get rid of with the above addon. Created a real "My Stuff" folder and moved them to it. Now all my bookmarks are back. Eradicate stoopid bookmark search box in sidebar: cat > ~/.mozilla/firefox/*.default/chrome/userChrome.css /* Bookmarks sidebar: hide "Search:" */ #bookmarksPanel > hbox { display: none !important } ^D In about:config set browser.startup.homepage_override.mstone to "ignore" to stop annoying "what's new" page popup on every update. set browser.sessionstore.resume_from_crash to false to stop annoying "reload session?" popup after abnormal termination. set browser.tabs.insertRelatedAfterCurrent to false to stop insane tab ordering set browser.urlbar.formatting.enabled = false to stop blindness when reading address set browser.urlbar.trimURLs = false to leave all the fucking information in place set browser.tabs.autoHide = true to get rid of tab when I only have one look for ipv6 config and disable it as well (runs faster and better sometimes). GACK! Firefox be busted in f13. If I try to install "too many" plugins it just starts exiting with status 1. It works with just the flash plugin. Looks like the culprit is greasemonkey. This was a bug with symlinks, changed /home to a bind mount of /zooty/home instead of a symlink. Friday the 13th =============== Grrr Aargh - came home Friday Apr 13, 2012 and the SSD disk was scrogged. Tried powering off and back on and it worked for a while then failed again. So I swapped in a disk from one of the other systems I never actually use (rebo) and reinstalled f16 on it. When trying to restore everything, I noted that mail was screwed up because I don't have /usr/local/bin/dannyboy and /usr/local/bin/trollfilter installed. I need to add them to the build all script. P.S. This turned out to be the infamous 5184 hours of operation bug in the 0009 firmware for the Crucial SSD drive (and my drive was running that long right on Friday the 13th :-). New firmware got it going again, so SSD drive is back in zooty. Looks like I also left isopack out of my list. Need to add it to buildall. AVRISP mkII =========== Need to add /etc/udev/rules.d/60-avrisp.rules: SUBSYSTEM!="usb_device", ACTION!="add", GOTO="avrisp_end" # Atmel Corp. JTAG ICE mkII ATTR{idVendor}=="03eb", ATTR{idProduct}=="2103", MODE="660", GROUP="dialout" # Atmel Corp. AVRISP mkII ATTR{idVendor}=="03eb", ATTR{idProduct}=="2104", MODE="660", GROUP="dialout" # Atmel Corp. Dragon ATTR{idVendor}=="03eb", ATTR{idProduct}=="2107", MODE="660", GROUP="dialout" LABEL="avrisp_end" avrdude can't see programmer otherwise. On a related note: Turns out I also have to provide power to the arduino board for the programmer to work.