-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ron Stodden wrote: | Buchan Milne wrote: | |>The operations you do below are ideal candidates for putting in a custom RPM. We |>have one (cae-conf) which contains all the local config files (setting up ldap |>auth), parts of config files (entries for /etc/fstab to mount /home/users, |>/home/groups and /home/projects via NFS), and requires all the RPMs we need for our |>setup to work (pam_smb, nfs-clients-utils, nss_ldap). The %post scripts are used to |>apply the changes in the config files (all our configs go in /etc/cae to avoid |>conflicts), backing up the originals, and adding our local ftp mirror of Mandrake to |>urpmi. | | | I very much doubt that one case fits all here. The final customisation | will always be an individual affair. |
But the majority of the configuration is identical, which means that you can reduce repetitive work. This is just one solution. It works for me. cfengine or something like that may be better. | |>[EMAIL PROTECTED] wrote: |>[...] |> |>>This now makes my list of post-install necessary operations: |>> |>>>arrange automount of the home partition on /home, |>>>from another linux remove all the contents of /home, |>> |>Why? We set our users homes to be /home/users/$USERNAME, and groups are |>/home/groups/$GROUPNAME. Then, if something really goes south, the user still has |>/home/$USERNAME as a local directory, and can continue working (not that this has |>ever been necessary), and allows them to have fast write access to a local disk for |>semi-temporary stuff (without flooding /tmp, or risking loosing it on reboot). | | | Why? The answer is to ease the transition between Mandrake releases. | During this period you must be able to run your favourite programs from | either Mandrake partition, with both accessing the same data which must | be located in other partitions. This permits fallback at any time | without any data loss. | Your mention of automount made me assume this was NFS. But if it is not, why not "init 1" and then remove the contents of /home? No need to mount it from another box? | |>>>replace fstab, |>>>replace lilo.conf, |>> |>> run lilo, |>> |>>>get rid of the /mnt directory in favour of a /local directory, |>>>set up many more mount points, |>>>set up the same set of mount points for each machine on the network |>>>under /<machine name>, |>>>replace /etc/resolv.conf, |>>>replace /etc/hosts, |>> |>It shouldn't be necessary to change both resolv.conf and hosts should it? | | | Yes, absolutely! resolv.conf contains the dotted quad addresses of | your ISP's name servers and must be present on all networked machines, | including the gateway. hosts contains the names and dotted quads of all | other machines on the network (no network DNS) and is present on all of | them. hosts is arranged in /etc/nsswitch on all machines to always be | consulted before the ISP's name servers. | This is of course unless you setup a local forwarding dns, in which case you only need to adjust resolv.conf, and if you have dhcp setup to tell clients where the dns server is, you don't even need to do that. | |>> change end of rc.local, |>> |>>>replace wine.conf, |>> |>> set default rouite of all non-gateway machines to the gateway (eth0), |>> |>>>install the iptables RPM (should have been installed by Mandrake), |>>>set up iptables scripts (I use MonMotha's), |>>>install the nfs-clients RPM, |>>>replace /etc/exports, |>>>run exportfs -r |>>>add a script for setting the clock (ntp-set) with panel invocation, |>> |>Why not just choose NTP setup in expert install mode (after timezone setting)? Or |>put ntpdate in cron? | | | Because the machine does not spend all its time connected to the | Internet. ntpd would hang the machine in this condition while the | attempted Internet access timed out. | | In my experience, ntpd does not do this. I have setup two 8.2 dialup boxes running ntpd. My /etc/ppp/ip-up.local just reloads ntpd so it sync's after connecting, and keeps updating. Of course, you could run ntpd on one box, and run ntpdate via cron on your other boxes pointing at your ntpd box. Of course, there are many ways to kill a cat. Being lazy, I would go for the one which is slightly more initial setup, but less work in the end. Buchan - -- |----------------Registered Linux User #182071-----------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/gpg.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE8nwUsrJK6UGDSBKcRAtwwAKDDf39/gSqO9Dy9syb2SFu00X+tUgCgn5zk 3wmfnJjMpfA94Not1mlK8yU= =BvfF -----END PGP SIGNATURE-----
