Line 19: |
Line 19: |
| virsh start --console template-fedora13 | | virsh start --console template-fedora13 |
| | | |
− | # set ssh keys of Sugar Labs sysadmins
| + | * Set ssh keys of Sugar Labs sysadmins: |
| + | |
| mkdir ~/.ssh | | mkdir ~/.ssh |
| cat >>~/.ssh/authorized_keys | | cat >>~/.ssh/authorized_keys |
| paste keys | | paste keys |
| + | |
| + | * Configure the SSH daemon: |
| | | |
| vi /etc/ssh/sshd_config | | vi /etc/ssh/sshd_config |
− | PermitRootLogin yes
| + | PermitRootLogin yes |
− | PermitEmptyPasswords no
| + | PermitEmptyPasswords no |
− | PasswordAuthentication no
| + | PasswordAuthentication no |
| service sshd restart | | service sshd restart |
| setsebool -P ssh_sysadm_login on | | setsebool -P ssh_sysadm_login on |
| | | |
− | # Put selinux in permissive mode
| + | * Put selinux in permissive mode (while we patiently wait for the day in which selinux in Fedora will become sort of usable out of the box without major tweaks): |
− | # while we patiently wait for the day in which selinux in Fedora will become
| + | |
− | # sort of usable out of the box without major tweaks.
| |
| vi /etc/sysconfig/selinux | | vi /etc/sysconfig/selinux |
| | | |
− | # remove root password
| + | * Remove root password (this lets us login from the console with no password): |
| + | |
| vipw -s | | vipw -s |
| | | |
− | # enable networking
| + | * Enable traditional networking (no NetworkManager nonsense): |
| + | |
| chkconfig network on | | chkconfig network on |
| start network | | start network |
| | | |
− | # Create sysadmin accounts
| + | * Create sysadmin accounts: |
| + | |
| mkdir /etc/skel/.ssh | | mkdir /etc/skel/.ssh |
| useradd -c "Bernie Innocenti" -m bernie | | useradd -c "Bernie Innocenti" -m bernie |
Line 50: |
Line 55: |
| ... | | ... |
| | | |
− | # add users to wheel group
| + | * Add users to wheel group (no better way in Fedora?): |
| + | |
| vigr | | vigr |
| | | |
− | # uncomment "%wheel ALL=(ALL) NOPASSWD: ALL" line in sudoers
| + | * Uncomment "%wheel ALL=(ALL) NOPASSWD: ALL" line in sudoers |
| visudo | | visudo |
| | | |
| ssh root@template-fedora13.sugarlabs.org | | ssh root@template-fedora13.sugarlabs.org |
| | | |
− | # install a bunch of useful packages
| + | * Install a bunch of useful rpms: |
| + | |
| yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man | | yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man |
| + | |
| + | * TODO: See [[Sysadmin/Template_virtual_machine]] for missing configuration steps |