Installing a room machine from scratch

From ProgSoc Wiki

Jump to: navigation, search

This document is currently a work in progress: Based upon installs of Ubuntu 10.04 in August 2010

1. Install OSX, leaving room enough for Ubuntu (currently 60/20GB)

Note: Rani appears to have boot camp provisioned as well as OSX. Leaving as is and just installing ubuntu.

2. Setup OS X /home and LDAP (More information / link needed)

3. Follow instructions on Ubuntu wiki to prepare the boot environment - (install rEFIt)

Note: Rani doesn't have this setup yet. Will try to rectify after ubuntu install.

Ubuntu Setup

4. Install Ubuntu from CD, with a 1000MB swap partition and the remainder a root partition.

5. Set network settings in /etc/network/interfaces as below. IP addresses are located in The Fleet of Machines

auto eth0
iface eth0 inet static
        address 138.25.6.XX

6. Set DNS in /etc/resolv.conf as below:

search nameserver

7. Restart networking. sudo /etc/init.d/networking restart

8. Update all packages & set updating to automatic.


Install the following packages: libpam-ldap libnss-ldap nss-updatedb libnss-db

server name (ip address of crypt) ldap://

Make root database admin: no

Distinguished name dc=progsoc,dc=org

Version 3

Make local root admin: NO

No ldap login

Using your favorite text editor, edit the following config:  /etc/auth-client-config/profile.d/open_ldap 

and paste the following into it:

[open_ldap] nss_passwd=passwd: files ldap nss_group=group: files ldap nss_shadow=shadow: files ldap nss_netgroup=netgroup: files ldap pam_auth=auth required auth sufficient likeauth nullok #the following line (containing must be placed before #for ldap users to be placed in local groups such as fuse, plugdev, scanner, etc ... auth required use_first_pass auth sufficient use_first_pass auth required pam_account=account sufficient account sufficient account required pam_password=password sufficient nullok md5 shadow password sufficient use_first_pass password required pam_session=session required session required skel=/etc/skel/ session required session optional

sudo auth-client-config -a -p open_ldap

nano /etc/security/group.conf

add this to the end of file

  • *; *; Al0000-2400;audio,cdrom,floppy,plugdev,video,fuse,scanner,dip


sudo apt-get install nfs-common

mkdir /phatdisk

nano /etc/fstab /phatdisk nfs rw 0 0 /phatdisk/home /home none bind

sudo visudo

Add %progsoc-admin ALL=(ALL) ALL

Change Host name

TODO: fail2ban on rani, kali SSH fail2ban niflheim

Personal tools