# Local configuration of linux boxes These instructions should work for both arch-based (e.g. manjaro) or Ubuntu based (e.g. popOS) distributions # mounting disks Edit the /etc/ftab file as root. Add the following lines ``` 192.168.6.64:/Public /mnt/nfs_6_64 nfs vers=3,defaults 0 0 192.168.8.7:/Public /mnt/nfs_8_7 nfs vers=3,defaults 0 0 192.168.6.15:/PALM /mnt/PALM_dataserv nfs vers=3,noatime,nodiratime,noacl,nocto,bg 0 0 192.168.8.9:/Public /mnt/nfs_8_9 nfs defaults 0 0 192.168.8.60:/data/tronador /mnt/tronador nfs defaults 0 0 192.168.6.30:/GREY /mnt/grey nfs defaults 0 0 192.168.8.12:/GLACIER/disk1 /mnt/GLACIER_disk1 nfs defaults 0 0 192.168.8.12:/GLACIER/disk3 /mnt/GLACIER_disk3 nfs defaults 0 0 192.168.6.173:/DataVolume/Public /mnt/nfs_WD nfs vers=3,defaults 0 0 ``` then run ``` mkdir /mnt/nfs_6_64 /mnt/nfs_8_7 /mnt/PALM_dataserv /mnt/nfs_8_9 chmod 777 /mnt/nfs_6_64 /mnt/nfs_8_7 /mnt/PALM_dataserv /mnt/nfs_8_9 /mnt/GLACIER_disk3 /mnt/GLACIER_disk1 mkdir /mnt/GLACIER_disk4 /mnt/tronador /mnt/grey /mnt/GLACIER_disk1 /mnt/GLACIER_disk3 chmod 777 /mnt/GLACIER_disk1 /mnt/tronador /mnt/grey ``` then you can mount any drive by its name in the /etc/fstab file or its directory mountpoint. For instance: ```sh mount /mnt/grey ``` ### Setting up login with a public key in client do: ``` > ssh-keygen ``` enter for passphrase ``` cat ~/.ssh/id_rsa.pub | ssh marcnol@krakatoa "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" ``` done! If for some reason, you still need to enter a password after setting up RSA then it may be because your .ssd directory in the server side has permissions that your ssh does not like. To check this do: ```sh tail /var/log/auth.log ``` and you may see something like: ```sh Sep 24 13:02:17 krakatoa sshd[122249]: Authentication refused: bad ownership or modes for file /home/marcnol/.ssh/authorized_keys ``` To solve it do: ```sh chmod 700 -R ~/.ssh ``` ### Use crontab to automate services This example will show how to run a script ```rsync_home.sh``` at 22:00 every day. Start by running: ``` crontab -e ``` and add ``` 0 22 * * * runuser -l marcnol -c '/home/marcnol/sysadm/rsync_home.sh' ``` then run ``` mkdir /home/marcnol/sysadm ``` create /home/marcnol/sysadm/rsync_home.sh and add: ``` date >> /home/marcnol/sysadm/last_backup.log rsync -avz --delete /home/marcnol /mnt/PALM_dataserv/DATA/BCKUSER > /home/marcnol/sysadm/rsync_home.log ``` ## Setup of linux boxes ### creating group cbs and changing userid for users define group ID, e.g. by ``` vi /etc/group cbs:x:1000:marcnol ``` then for modify /etc/passwd to change uid and gid as needed: ``` vi /etc/passwd marcnol:x:9999:1000:Marcelo Nollmann:/home/marcnol:/bin/tcsh ``` where 9999 is the new user ID (uid), and 1000 is the group ID (gid). for other users just modify the userID from the list below. ### adding new users typical command: ``` useradd cardozo --uid 2648 --home /home/cardozo --create-home --groups users --gid 1000 ``` To change uid of a user: ``` usermode -u 1002 rata chown rata:users -R /home/rata ``` ### Creating sysadm and giving root privileges ``` useradd sysadm --uid 1001 --home /home/sysadm --create-home --groups root --gid 0 visudo ``` add < sysadm ALL=(ALL) ALL > to the "User privilege specification" section Find the entry for %wheel. This is the wheel group. The '%' tells sudo to match vs a # group name in /etc/groups. Uncomment the line so it looks like: ``` %wheel ALL=(ALL) ALL ``` Save and exit with :wq (not necessary when using gedit or kate) Add the desired username to the wheel group.The new group is effective for given user #after new login. ``` /usr/sbin/usermod -G wheel sysadm ``` Edit the sudoers file again. This time remove the ability for every user to run sudo. #Comment out these lines, save and exit. ``` #Defaults targetpw # ask for the password of the target user i.e. root #ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'! ``` ### changing permissions to files in PALM_dataserv chown -R 10XX:1000 /home/user chown -R 10XX:1000 /data chown -R 2701:1000 /home/hernan chown -R 2648:1000 /home/cardozo ### Activation compte root (pour faire > su) run in CLI: ``` sudo passwd root ```