Buchan Milne wrote: > > The operations you do below are ideal candidates for putting in a custom RPM. We > have one (cae-conf) which contains all the local config files (setting up ldap > auth), parts of config files (entries for /etc/fstab to mount /home/users, > /home/groups and /home/projects via NFS), and requires all the RPMs we need for our > setup to work (pam_smb, nfs-clients-utils, nss_ldap). The %post scripts are used to > apply the changes in the config files (all our configs go in /etc/cae to avoid > conflicts), backing up the originals, and adding our local ftp mirror of Mandrake to > urpmi.
I very much doubt that one case fits all here. The final customisation will always be an individual affair. > [EMAIL PROTECTED] wrote: > [...] > >This now makes my list of post-install necessary operations: > >> arrange automount of the home partition on /home, > >> from another linux remove all the contents of /home, > > Why? We set our users homes to be /home/users/$USERNAME, and groups are > /home/groups/$GROUPNAME. Then, if something really goes south, the user still has > /home/$USERNAME as a local directory, and can continue working (not that this has > ever been necessary), and allows them to have fast write access to a local disk for > semi-temporary stuff (without flooding /tmp, or risking loosing it on reboot). Why? The answer is to ease the transition between Mandrake releases. During this period you must be able to run your favourite programs from either Mandrake partition, with both accessing the same data which must be located in other partitions. This permits fallback at any time without any data loss. > >> replace fstab, > >> replace lilo.conf, > > run lilo, > >> get rid of the /mnt directory in favour of a /local directory, > >> set up many more mount points, > >> set up the same set of mount points for each machine on the network > >> under /<machine name>, > >> replace /etc/resolv.conf, > >> replace /etc/hosts, > > It shouldn't be necessary to change both resolv.conf and hosts should it? Yes, absolutely! resolv.conf contains the dotted quad addresses of your ISP's name servers and must be present on all networked machines, including the gateway. hosts contains the names and dotted quads of all other machines on the network (no network DNS) and is present on all of them. hosts is arranged in /etc/nsswitch on all machines to always be consulted before the ISP's name servers. > > change end of rc.local, > >> replace wine.conf, > > set default rouite of all non-gateway machines to the gateway (eth0), > >> install the iptables RPM (should have been installed by Mandrake), > >> set up iptables scripts (I use MonMotha's), > >> install the nfs-clients RPM, > >> replace /etc/exports, > >> run exportfs -r > >> add a script for setting the clock (ntp-set) with panel invocation, > > Why not just choose NTP setup in expert install mode (after timezone setting)? Or > put ntpdate in cron? Because the machine does not spend all its time connected to the Internet. ntpd would hang the machine in this condition while the attempted Internet access timed out. > >> set it executable by root, > >> run kdf and worldwatch all the time, > >> log on as root to set special schema for all root operations (These > >> appear when su to root - this is a bad omission by Mandrake). > > use ksys to move ip6tables and iptables services up to the 90s > > code the proper things for start and stop of /etc/init.d/ip6tables and > >/etc/init.d/iptables > >> etc. -- Ron. [au]
