Howto for Installing Xhier onto ubuntu
Supplement for Ray's solaris-specific install howto. (
http://www.math.uwaterloo.ca/mfcf/internal/procedures/OS/Solaris/xhier.shtml) . Maintained by
DanielAllen ; corrections to him, or make them here, directly.
Another related document is
SettingUpNewUbuntuArches.
OS Install
See
UbuntuInstallSteps for a detailed step-by-step.
Preparation, distribution machine(s):
- on administration master (eg., cscf.cs), (RCS) edit: /software/xhier/data/access-rights , add your host. (eg, a new cscf debian machine might be: mirror.cscf debian31.cscf )
- Note: you actually have to do this in:
cd /.software/admin/xhier/data
- Note2: newer machines might be:
scspc211.cs ubuntu-i386.cscf
- distribute xhier back to the proper master (in above example:
xh-dist2 debian31.cscf xhier
)
Preparation, target machine:
mkdir /vendor
tar -czvf /vendor.tgz /root/.cshrc /etc/{fstab,group,passwd,ssh} /usr/bin/{apt-get,chfn,chsh,passwd} /usr/sbin/{groupadd,useradd}
cd /vendor; tar -xzvf /vendor.tgz
- Put dns before files in /etc/nsswitch.conf.
- Copy /etc/hosts and /etc/networks from distribution machine (eg., ubuntu5-amd64.cscf)
- Copy /etc/passwd from somewhere reasonable, or add the following users and groups manually:
-
- by editing /etc/passwd and /etc/group if you're not using SElinux
# /etc/passwd
orphan:x:86:301:Nobody:/:
# /etc/group
everyone::301:
orphan::302:
none::303:
-
- Or, adding from command-line: add above users and groups with following format:
adduser --no-create-home --uid 86 --gid 301 --disabled-password --disabled-login orphan
ln -s / /fsys1
mkdir /vendor /xhbin /.software
mkdir /fsys1/.software
mkdir /fsys1/.software/{share,arch,admin,regional,local,spool}
ln -s /fsys1/.software/* /.software
ln -s /.software/share/ /software
- mounting
/.software/regional
from elsewhere if it's not a regional master
xh-first-time:
- requires that rcp really is rcp (on linux platforms the is sometime scp, so you must install a real rcp command, on recent Ubuntu platforms, this is provided by the rsh-client package)
- xh-first-time from master machine:
- there will be instructions of things to add and manpages to read; please do that. There are notes of likely specific changes below.
debian31:/etc# xh-first-time [YOUR MACHINE]
xh-first-time warning: The remote host hasn't specified an architecture
xh-first-time warning: in /software/xhier/config/local/allowed-types.
xh-first-time warning: Assuming for now that it has the same type as the
xh-first-time warning: local host, namely "Debian3.1-IA32".
xh-first-time FYI: The target host "ubuntu5-x86-64.cscf" doesn't appear
xh-first-time FYI: to be configured to receive
xh-first-time FYI: these packages: os-extras mfcf-basics xhier,
xh-first-time FYI: so they will be added to:
xh-first-time FYI: "/software/xhier,dev/data/client-requests/ubuntu5-x86-64.cscf".
xh-set-access-rights FYI: Initializing
xh-set-access-rights FYI: '/.software/admin/xhier/data/access-rights'
xh-set-access-rights FYI: to assume NO RECEPTION
xh-set-access-rights FYI: and NO DISTRIBUTION of software.
xh-set-access-rights FYI: It will either be updated later by a
xh-set-access-rights FYI: distribution from a machine of your
xh-set-access-rights FYI: administration, or it means that this is
xh-set-access-rights FYI: a new administration, so the file MUST
xh-set-access-rights FYI: be updated to describe where software
xh-set-access-rights FYI: for this machine comes from.
xh-set-access-rights FYI: See "man xhier-config" and "man xh-dist-hosts"
xh-set-access-rights FYI: for details.
xh-distribute FYI: "xhier" package maintainer: xhier_maintainer@math.uwaterloo.ca
xh-distribute FYI: rdist output of the "xhier" package from "debian31.cscf" follows:
updating host ubuntu5-x86-64.cscf
special: xhier Install warning: Although "hostnames `hostname`"
special: xhier Install warning: appeared to use /etc/hosts first,
special: xhier Install warning: this host now does appear to be
special: xhier Install warning: using DNS name service.
special: xhier Install warning: We must have run into the problem with
special: xhier Install warning: the "hostnames" command, as we
special: xhier Install warning: first observed on Solaris 8.
special: xhier Install warning: To avoid further spurious error diagnostics,
special: xhier Install warning: we will assume "hostnames" of
special: xhier Install warning: a FQDN will invoke DNS.
special: xh-set-local-maintainer FYI: creating "/.software/local/xhier/config/local/xhier_maintainer".
special: xh-set-local-maintainer FYI: please list any local maintainers here.
- edit
/.software/local/xhier/config/local/xhier_maintainer
:
- possibly should be an alias, such as:
debian_support
(You can hand-edit /etc/aliases to add that alias with a good initial value):
special: Assuming that this host is its own "regional server".
special: If it isn't, please put the hostname of
special: the regional server of this region into
special: "/software/xhier/data/hosts/regional_server".
special: See "man xhier-config" for details.
special:
special: Assuming this is not a 'standalone' host.
special: If that's an incorrect assumption,
special: use "xh-is-standalone on".
special: See "man xhier-config" for details.
special:
special: FYI: initializing /software/xhier/config/regional/options
special: FYI: initializing /software/xhier/config/local/options
special: xhier Install FYI: Creating "/root/.cshrc".
special: xhier Install: The "/root/.cshrc" is fixed
special: xhier Install: to include xhier search rules.
special: xhier Install: Do a "rm /root/.cshrc" to unfix.
special: xhier Install: Remember to change "/software/xhier/data/config.d"
special: xhier Install: as well if you undo this fix.
special: xhier Install FYI: Assuming this host is the
special: xhier Install FYI: "Debian3.1-IA32" architecture,
special: xhier Install FYI: so will set "arch=Debian3.1-IA32"
special: xhier Install FYI: in "/software/xhier/config/local/allowed-types".
special: xhier Install FYI: Assuming this host is in the
special: xhier Install FYI: "cs.uwaterloo.ca" administration,
special: xhier Install FYI: so will set "admin=cs.uwaterloo.ca"
special: xhier Install FYI: in "/software/xhier/config/local/allowed-types".
special: xhier Install FYI: Assuming this machine is its own region, so initializing
special: xhier Install FYI:
"/.software/regional/xhier/data/default-allowed-types/regional"
special: xhier Install FYI: to "ubuntu5-x86-64.cscf.uwaterloo.ca".
special: xhier Install FYI: Assuming this host is in the
special: xhier Install FYI: "ubuntu5-x86-64.cscf.uwaterloo.ca" region,
special: xhier Install FYI: so will set "regional=ubuntu5-x86-64.cscf.uwaterloo.ca"
special: xhier Install FYI: in "/software/xhier/config/local/allowed-types".
special: xh-make-xhier-aliases FYI: updating /.software/local/xhier/export/aliases
special: xh-add-rc FYI: creating "/etc/init.d/xhier".
special: xh-add-rc FYI: doing: ln -s /etc/init.d/xhier /etc/rc2.d/S99xhier
special: xh-add-rc FYI: doing: ln -s /etc/init.d/xhier /etc/rc3.d/S99xhier
special: xh-add-rc FYI: doing: ln -s /etc/init.d/xhier /etc/rc4.d/S99xhier
special: xh-add-rc FYI: doing: ln -s /etc/init.d/xhier /etc/rc5.d/S99xhier
special: xh-add-rc FYI: doing: ln -s /etc/init.d/xhier /etc/rc0.d/K21xhier
special: setogm: new mode "544" for "/etc/init.d/xhier", instead of "644"
[paste more likely output here]
Cleanup and adding new packages
- on the destination machine, run xh-local-maintenance and keep fixing error messages until there are none left.
- after that is done, add additional packages, as suggested by other similar machines.
- from the distribution machine, such as debian31, run: xh-dist2 [your machine] [package]
Additional debian/ubuntu fixes
GDM
The problem is diagnosed by noticing the following warning when logging into Gnome:
"Xsession: unable to launch "noglob" X session --- "noglob" not found; falling back to default session."
The workaround:
The two line additions from Dapper default are marked with '<----' below:
echo "$0: Beginning session setup..."
PREVIOUSPARAM=$1 # <----
# First read /etc/profile and .profile
test -f /etc/profile && . /etc/profile
test -f "$HOME/.profile" && . "$HOME/.profile"
# Second read /etc/xprofile and .xprofile for X specific setup
test -f /etc/xprofile && . /etc/xprofile
test -f "$HOME/.xprofile" && . "$HOME/.xprofile"
if [ -n $PREVIOUSPARAM ] ; then set $PREVIOUSPARAM ; fi # <----
Other fixes
- Before adding new deb packages, figure out if they're going to create new users or groups, and add them manually before-hand. Ideally, these users and groups can become part of
debian-1/export/passwd
and group
.
A few xhier gotchas can be fixed manually, if they're not handled automatically yet:
- apt-get install rdate (should be handled automatically).
- edit /etc/init.d/sysklogd to replace
SYSLOGD="-u syslog"
with SYSLOGD=""
- check permissions of 'slocate'. changes from vendor group ID to xhier ID sometimes causes problems:
root@lws001:/u5/drallen # ls -la /var/lib/slocate
total 1912
drwxr-x--- 2 root documentation 4096 2006-07-12 07:35 .
drwxr-xr-x 40 root root 4096 2006-07-06 07:45 ..
-rw-r----- 1 root slocate 1943089 2006-07-12 07:35 slocate.db
slocate has an xhier-assigned group id:
root@mef-fe02:/u5/drallen# grep slocate /etc/group
slocate::19752:
...so repairing the group owner (and the g+s for the binary) will fix this.
root@mef-fe02:/u5/drallen# chgrp slocate /usr/bin/slocate /var/lib/slocate
/var/lib/slocate/slocate.db
root@mef-fe02:/u5/drallen# ls -la /usr/bin/slocate
-rwxr-xr-x 1 root slocate 30216 Sep 23 2004 /usr/bin/slocate
root@mef-fe02:/u5/drallen# chmod g+s /usr/bin/slocate
root@mef-fe02:/u5/drallen# ls -la /usr/bin/slocate
-rwxr-sr-x 1 root slocate 30216 Sep 23 2004 /usr/bin/slocate
-
/etc/shadow
must be group shadow. Also, /sbin/unix_chkpasswd
must be group shadow and setgid. If a machine has changed users/groups, there's a chance that xhier will come along and make either or both files group orphan. In that case, the screen-lock will fail for both 'lock' and 'xscreensaver' (testable by running kcheckpass
and if that fails, screen lock will fail too). Fixed via: chgrp shadow /sbin/unix_chkpwd ; chmod g+s /sbin/unix_chkpwd ; chgrp shadow /etc/shadow
More details: https://launchpad.net/distros/ubuntu/+source/gnome-screensaver/+bug/45368
-
/etc/X11/Xsession.options
should comment out: "#allow-user-xsession"
to ignore users' ~/.xsession
file. Any customizations there which cause errors from the command-line will cause login to fail, and be annoying to debug.
-
/etc/environment
should change: LANG=en_US.UTF-8
to LANG=posix
because most non-linux hosts expect posix display (causes non-ascii characters to display, instead of spaces).
- you will want to adjust xhier exempt-users:
man updatepw
DESCRIPTION
The updatepw command builds a new password file.
First it reads a standard passwd file from the standard
input. If it is a AIX machine, it also reads the shadow
password file since the real password is stored there, along
with various other things. A exemption list of users (1 per
line) is also read if the exemption file
/software/setpw/data/config/exempt-users exists.
So on one host this might look like:
root@gl:/# cat /software/setpw/data/config/exempt-users
messageb*
haldaemo*
xinetd versus inetd
xinetd on Feisty has an option that can be added to
/etc/default/xinetd
, namely, if one
puts
XINETD_OPTS="-stayalive -inetd_compat"
tells xinetd to look at
/etc/inetd.conf
with the proviso that one may prefer to have greater
control by configuring the service in terms of xinetd's more refined configuration options. NOTE.
xinetd uses tcp wrappers.
Possible useful notes
Xhier setup
Make the usual directories /vendor /xhbin /.software and NFS mount points like home directories, mail, and the regional
xhier mount. Specifically I made a large enough root directory and no other partitions other than swap.
To allow for xhier distribution we need to allow for in.rshd service via some inetd server entry and protected
by tcp wrappers.
Install an inetd server, we choose the openbsd version since it is has fewer bugs than the netkit-inetd
package:
# apt-get install openbsd-inetd
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
tcpd
The following NEW packages will be installed:
openbsd-inetd tcpd
We then make use of the fact that openbsd-inetd installed tcp wrappers package,
tcpd
which allows us to edit
/etc/hosts.{allow,deny}
.
We next install rsh server, a requirement for xhier distribution. We choose the
rsh-redone-server
package because it has been rewritten from the ground up
to avoid bugs that exist in other versions.
Once this is done we make sure the inetd server is running and one should confirm
that
shell
service is available
inetd 9754 root 4u IPv4 66744 TCP *:shell (LISTEN)
When running xh-first-time you need to have csh installed. Preferably classic bsd csh
which is provided by
csh
package. Indeed if you do not you will see the following
failure on the arch master:
xh-first-time -v mef-fe12.student.cs
xh-first-time FYI: checking to see if "mef-fe12.student.cs" is accessible.
xh-first-time FYI: Checking the architecture claimed by "mef-fe12.student.cs".
xh-first-time warning: The remote host hasn't specified an architecture
xh-first-time warning: in /software/xhier/config/local/allowed-types.
xh-first-time warning: Assuming for now that it has the same type as the
xh-first-time warning: local host, namely "Ubuntu-amd64".
xh-first-time FYI: Checking the basic "/software" structure.
xh-first-time: Unrecognized status "bash: csh: command not found"
xh-first-time: obtained from an attempt to
xh-first-time: rsh mef-fe12.student.cs -n csh -c ...
xh-first-time: the basic structure check.
xh-first-time: Check the login configuration on "mef-fe12.student.cs".
Next, edit
/.software/local/xhier/config/local/requests
and make sure it has
the following uncommented text:
# Too many of the packages listed in admin and regional requests are
# # provided by the Linux distribution. So until we have updated xhier to
# # deal with vendor's supplying the same (or newer versions of) these
# # packages, lets setup xhier/config/local/requests to disable them.
-/software/xhier/config/admin/requests
-/software/xhier/config/regional/requests
#
# # Tools needed on all machines for the xhier installation and maintenance
# # of software packages.
xhier
# dependencies
mfcf-basics
os-extras
Next install the debian-1 package using xh-dist2, namely, run
xh-dist2 host debian-1
, where
host
is replaced with the hostname of the machine you are installing.
If the host you are installing belongs to an xhier region you'll likely be mounting home directories
via NFS and so you will need the xhier package
setpw
.
Backups?
If the machine is not needed to be backed up by Legato NetWorker, please
add
CheckDumpDates=no to
/.software/share/os-extras/config/local/config.d
and run
xh-install os-extras.