Machine/template-fedora13: Difference between revisions
< Machine
Created page with '== Guest installation == qemu-img create -f qcow2 /srv/vm/template-fedora13.qcow2 10G virt-install -v --accelerate --nographics -x console=ttyS0,115200 \ --name template-f...' |
No edit summary |
||
| Line 19: | Line 19: | ||
virsh start --console template-fedora13 | virsh start --console template-fedora13 | ||
* Set ssh keys of Sugar Labs sysadmins: | |||
mkdir ~/.ssh | mkdir ~/.ssh | ||
cat >>~/.ssh/authorized_keys | cat >>~/.ssh/authorized_keys | ||
paste keys | paste keys | ||
* Configure the SSH daemon: | |||
vi /etc/ssh/sshd_config | vi /etc/ssh/sshd_config | ||
PermitRootLogin yes | |||
PermitEmptyPasswords no | |||
PasswordAuthentication no | |||
service sshd restart | service sshd restart | ||
setsebool -P ssh_sysadm_login on | setsebool -P ssh_sysadm_login on | ||
* Put selinux in permissive mode (while we patiently wait for the day in which selinux in Fedora will become sort of usable out of the box without major tweaks): | |||
vi /etc/sysconfig/selinux | vi /etc/sysconfig/selinux | ||
* Remove root password (this lets us login from the console with no password): | |||
vipw -s | vipw -s | ||
* Enable traditional networking (no NetworkManager nonsense): | |||
chkconfig network on | chkconfig network on | ||
start network | start network | ||
* Create sysadmin accounts: | |||
mkdir /etc/skel/.ssh | mkdir /etc/skel/.ssh | ||
useradd -c "Bernie Innocenti" -m bernie | useradd -c "Bernie Innocenti" -m bernie | ||
| Line 50: | Line 55: | ||
... | ... | ||
* Add users to wheel group (no better way in Fedora?): | |||
vigr | vigr | ||
* Uncomment "%wheel ALL=(ALL) NOPASSWD: ALL" line in sudoers | |||
visudo | visudo | ||
ssh root@template-fedora13.sugarlabs.org | ssh root@template-fedora13.sugarlabs.org | ||
* Install a bunch of useful rpms: | |||
yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man | yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man | ||
* TODO: See [[Sysadmin/Template_virtual_machine]] for missing configuration steps | |||
Revision as of 17:35, 25 July 2010
Guest installation
qemu-img create -f qcow2 /srv/vm/template-fedora13.qcow2 10G virt-install -v --accelerate --nographics -x console=ttyS0,115200 \ --name template-fedora13 --vcpus=4 --ram $((1*1024)) \ --os-type=linux --os-variant=fedora13 \ --network bridge:br0 \ --disk /srv/vm/template-fedora13.qcow2 \ --location http://download.fedora.redhat.com/pub/fedora/linux/releases/13/Fedora/x86_64/os/
- In Anaconda, select graphical installation over vnc
- Layout the disk with a single primary partition for root
- In package selection, choose "minimal system"
Initial configuration
At the end of installation, boot with:
virsh start --console template-fedora13
- Set ssh keys of Sugar Labs sysadmins:
mkdir ~/.ssh cat >>~/.ssh/authorized_keys paste keys
- Configure the SSH daemon:
vi /etc/ssh/sshd_config PermitRootLogin yes PermitEmptyPasswords no PasswordAuthentication no service sshd restart setsebool -P ssh_sysadm_login on
- Put selinux in permissive mode (while we patiently wait for the day in which selinux in Fedora will become sort of usable out of the box without major tweaks):
vi /etc/sysconfig/selinux
- Remove root password (this lets us login from the console with no password):
vipw -s
- Enable traditional networking (no NetworkManager nonsense):
chkconfig network on start network
- Create sysadmin accounts:
mkdir /etc/skel/.ssh useradd -c "Bernie Innocenti" -m bernie cat >>/home/bernie/.ssh/authorized_keys chown -R bernie:bernie /home/bernie/.ssh ...
- Add users to wheel group (no better way in Fedora?):
vigr
- Uncomment "%wheel ALL=(ALL) NOPASSWD: ALL" line in sudoers
visudo
ssh root@template-fedora13.sugarlabs.org
- Install a bunch of useful rpms:
yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man
- TODO: See Sysadmin/Template_virtual_machine for missing configuration steps