Changes

no edit summary
Line 19: Line 19:  
  virsh start --console template-fedora13
 
  virsh start --console template-fedora13
   −
# set ssh keys of Sugar Labs sysadmins
+
* Set ssh keys of Sugar Labs sysadmins:
 +
 
 
  mkdir ~/.ssh
 
  mkdir ~/.ssh
 
  cat >>~/.ssh/authorized_keys
 
  cat >>~/.ssh/authorized_keys
 
  paste keys
 
  paste keys
 +
 +
* Configure the SSH daemon:
    
  vi /etc/ssh/sshd_config
 
  vi /etc/ssh/sshd_config
  PermitRootLogin yes
+
  PermitRootLogin yes
  PermitEmptyPasswords no
+
  PermitEmptyPasswords no
  PasswordAuthentication no
+
  PasswordAuthentication no
 
  service sshd restart
 
  service sshd restart
 
  setsebool -P ssh_sysadm_login on
 
  setsebool -P ssh_sysadm_login on
   −
# Put selinux in permissive mode
+
* Put selinux in permissive mode (while we patiently wait for the day in which selinux in Fedora will become sort of usable out of the box without major tweaks):
# while we patiently wait for the day in which selinux in Fedora will become
+
 
# sort of usable out of the box without major tweaks.
   
  vi /etc/sysconfig/selinux
 
  vi /etc/sysconfig/selinux
   −
# remove root password
+
* Remove root password (this lets us login from the console with no password):
 +
 
 
  vipw -s
 
  vipw -s
   −
# enable networking
+
* Enable traditional networking (no NetworkManager nonsense):
 +
 
 
  chkconfig network on
 
  chkconfig network on
 
  start network
 
  start network
   −
# Create sysadmin accounts
+
* Create sysadmin accounts:
 +
 
 
  mkdir /etc/skel/.ssh
 
  mkdir /etc/skel/.ssh
 
  useradd -c "Bernie Innocenti" -m bernie
 
  useradd -c "Bernie Innocenti" -m bernie
Line 50: Line 55:  
  ...
 
  ...
   −
# add users to wheel group
+
* Add users to wheel group (no better way in Fedora?):
 +
 
 
  vigr
 
  vigr
   −
# uncomment "%wheel ALL=(ALL) NOPASSWD: ALL" line in sudoers
+
* Uncomment "%wheel ALL=(ALL) NOPASSWD: ALL" line in sudoers
 
  visudo
 
  visudo
    
  ssh root@template-fedora13.sugarlabs.org
 
  ssh root@template-fedora13.sugarlabs.org
   −
# install a bunch of useful packages
+
* Install a bunch of useful rpms:
 +
 
 
  yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man
 
  yum install etckeeper bash-completion git-core strace munin-node duplicity postfix vim devtodo man
 +
 +
* TODO: See [[Sysadmin/Template_virtual_machine]] for missing configuration steps